CVE-2024-31228

EUVD-2024-29124
Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 5.5 MEDIUM | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |

Base Score: CVSS 3.x

EPSS Score: Percentile 80%
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| redis | redis | 2.2.5 ≤ x < 6.2.16 |
| redis | redis | 7.2.0 ≤ x < 7.2.6 |
| redis | redis | 7.4.0 |
| redis | redis | 7.4.0:rc1 |
| redis | redis | 7.4.0:rc2 |

x = vulnerable software versions
Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| redict | forky | 7.3.6+ds-1 | fixed |
| redict | sid | 7.3.6+ds-1 | fixed |
| redis | bookworm | 5:7.0.15-1~deb12u5 | fixed |
| redis | bookworm (security) | 5:7.0.15-1~deb12u6 | fixed |
| redis | bullseye | | vulnerable |
| redis | bullseye (security) | 5:6.0.16-1+deb11u8 | fixed |
| redis | forky | 5:8.0.5-1 | fixed |
| redis | sid | 5:8.0.5-1 | fixed |
| redis | trixie | 5:8.0.2-3+deb13u1 | fixed |
| redis | trixie (security) | 5:8.0.2-3+deb13u1 | fixed |
| valkey | forky | 8.1.4+dfsg1-1 | fixed |
| valkey | sid | 8.1.4+dfsg1-1 | fixed |
| valkey | trixie | 8.1.1+dfsg1-3+deb13u1 | fixed |
| valkey | trixie (security) | 8.1.1+dfsg1-3+deb13u1 | fixed |
Ubuntu Releases

| Ubuntu Product | Codename | Fix | Status |
|---|---|---|---|
| redis | bionic | Fixed 5:4.0.9-1ubuntu0.2+esm5 | released |
| redis | focal | Fixed 5:5.0.7-2ubuntu0.1+esm3 | released |
| redis | jammy | Fixed 5:6.0.16-1ubuntu1+esm2 | released |
| redis | noble | Fixed 5:7.0.15-1ubuntu0.24.04.1 | released |
| redis | oracular | Fixed 5:7.0.15-1ubuntu0.24.10.1 | released |
| redis | plucky | | needed |
| redis | questing | | not-affected |
| redis | trusty | Fixed 2.8.4-2ubuntu0.2+esm4 | released |
| redis | xenial | Fixed 2:3.0.6-1ubuntu0.4+esm3 | released |
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| redis | suse enterprise sap 15 SP5 | 6.2.6-150400.3.28.1 | fixed |
| redis | suse enterprise sap 15 SP6 | 7.2.4-150600.3.3.1 | fixed |
| redis | suse enterprise server 15 SP5 | 6.2.6-150400.3.28.1 | fixed |
| redis | suse enterprise server 15 SP6 | 7.2.4-150600.3.3.1 | fixed |
| redis7 | suse enterprise sap 15 SP5 | 7.0.8-150500.3.12.1 | fixed |
| redis7 | suse enterprise sap 15 SP6 | 7.0.8-150600.8.3.1 | fixed |
| redis7 | suse enterprise server 15 SP5 | 7.0.8-150500.3.12.1 | fixed |
| redis7 | suse enterprise server 15 SP6 | 7.0.8-150600.8.3.1 | fixed |
| valkey | suse enterprise sap 15 SP7 | 8.0.2-150700.1.7 | fixed |
| valkey | suse enterprise server 15 SP7 | 8.0.2-150700.1.7 | fixed |
| valkey-compat-redis | suse enterprise sap 15 SP7 | 8.0.2-150700.1.7 | fixed |
| valkey-compat-redis | suse enterprise server 15 SP7 | 8.0.2-150700.1.7 | fixed |
| valkey-devel | suse enterprise sap 15 SP7 | 8.0.2-150700.1.7 | fixed |
| valkey-devel | suse enterprise server 15 SP7 | 8.0.2-150700.1.7 | fixed |
Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| redis | RHEL 9 | 0:6.2.17-1.el9_5 | fixed |
| redis-devel | RHEL 9 | 0:6.2.17-1.el9_5 | fixed |
| redis-doc | RHEL 9 | 0:6.2.17-1.el9_5 | fixed |