CVE-2024-31449

EUVD-2024-29337
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 3.x Base Score
Provider  Type     Base Score  Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST      Primary  7.0 HIGH    LOCAL        HIGH             LOW             CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Percentile): 98%
Affected Products (NVD)
Vendor  Product  Version
redis   redis    2.8.18 ≤ x < 6.2.16
redis   redis    7.2.0 ≤ x < 7.2.6
redis   redis    7.4.0
redis   redis    7.4.0:rc1
redis   redis    7.4.0:rc2
x = vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
Vendor  Product  Version            Source
redis   redis    2.6 ≤ x < 6.2.16   ADP
redis   redis    7.0.0 ≤ x < 7.2.6  ADP
redis   redis    7.3.0 ≤ x < 7.4.1  ADP
Debian Releases
Product  Codename             Version                Status
redict   bullseye             -                      ignored
redict   forky                7.3.6+ds-1             fixed
redict   sid                  7.3.6+ds-1             fixed
redis    bookworm             5:7.0.15-1~deb12u5     fixed
redis    bookworm (security)  5:7.0.15-1~deb12u6     fixed
redis    bullseye             -                      ignored
redis    bullseye (security)  -                      vulnerable
redis    forky                5:8.0.5-1              fixed
redis    sid                  5:8.0.5-1              fixed
redis    trixie               5:8.0.2-3+deb13u1      fixed
redis    trixie (security)    5:8.0.2-3+deb13u1      fixed
valkey   bullseye             -                      ignored
valkey   forky                8.1.4+dfsg1-1          fixed
valkey   sid                  8.1.4+dfsg1-1          fixed
valkey   trixie               8.1.1+dfsg1-3+deb13u1  fixed
valkey   trixie (security)    8.1.1+dfsg1-3+deb13u1  fixed
Ubuntu Releases
Product  Codename  Status
redis    bionic    needed
redis    focal     needed
redis    jammy     needed
redis    noble     needed
redis    oracular  ignored
redis    plucky    needed
redis    questing  not-affected
redis    trusty    needed
redis    xenial    needed
openSUSE / SLES Releases
Product              Release                        Version               Status
redis                suse enterprise sap 15 SP5     6.2.6-150400.3.28.1   fixed
redis                suse enterprise sap 15 SP6     7.2.4-150600.3.3.1    fixed
redis                suse enterprise server 15 SP5  6.2.6-150400.3.28.1   fixed
redis                suse enterprise server 15 SP6  7.2.4-150600.3.3.1    fixed
redis7               suse enterprise sap 15 SP5     7.0.8-150500.3.12.1   fixed
redis7               suse enterprise sap 15 SP6     7.0.8-150600.8.3.1    fixed
redis7               suse enterprise server 15 SP5  7.0.8-150500.3.12.1   fixed
redis7               suse enterprise server 15 SP6  7.0.8-150600.8.3.1    fixed
valkey               suse enterprise sap 15 SP7     8.0.2-150700.1.7      fixed
valkey               suse enterprise server 15 SP7  8.0.2-150700.1.7      fixed
valkey-compat-redis  suse enterprise sap 15 SP7     8.0.2-150700.1.7      fixed
valkey-compat-redis  suse enterprise server 15 SP7  8.0.2-150700.1.7      fixed
valkey-devel         suse enterprise sap 15 SP7     8.0.2-150700.1.7      fixed
valkey-devel         suse enterprise server 15 SP7  8.0.2-150700.1.7      fixed
Red Hat Enterprise Linux Releases
Product      Release  Version            Status
redis        RHEL 9   0:6.2.17-1.el9_5   fixed
redis-devel  RHEL 9   0:6.2.17-1.el9_5   fixed
redis-doc    RHEL 9   0:6.2.17-1.el9_5   fixed