{ "threat_severity" : "Low", "public_date" : "2022-04-27T00:00:00Z", "bugzilla" : { "description" : "redis: Malformed Lua script can crash Redis", "id" : "2080289", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2080289" }, "cvss3" : { "cvss3_base_score" : "3.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status" : "verified" }, "cwe" : "CWE-476", "details" : [ "Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.", "A flaw was found in the Redis database when a malformed Lua script can cause a NULL pointer dereference. This flaw allows an attacker to load a crafting script, which results in a crash of the redis-server process." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2022-11-08T00:00:00Z", "advisory" : "RHSA-2022:7541", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "redis:6-8070020220509142426.3b9f49c4", "impact" : "low" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2022-11-15T00:00:00Z", "advisory" : "RHSA-2022:8096", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "redis-0:6.2.7-1.el9", "impact" : "low" } ], "package_state" : [ { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Affected", "package_name" : "redis", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Fix deferred", "package_name" : "rhacm2/redisgraph-tls-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Fix deferred", "package_name" : "rhacm2/search-api-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Ansible Automation Platform 1.2", "fix_state" : "Affected", "package_name" : "redis", "cpe" : "cpe:/a:redhat:ansible_automation_platform" }, { "product_name" : "Red Hat Ansible Tower 3", "fix_state" : "Affected", "package_name" : "redis", "cpe" : "cpe:/a:redhat:ansible_tower:3" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "redis:5/redis", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "impact" : "low" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Fix deferred", "package_name" : "io.hawt-hawtio-integration", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat OpenStack Platform 13 (Queens)", "fix_state" : "Out of support scope", "package_name" : "redis", "cpe" : "cpe:/a:redhat:openstack:13" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Fix deferred", "package_name" : "rh-redis5-redis", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Fix deferred", "package_name" : "rh-redis6-redis", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-24736\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-24736\nhttps://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984" ], "name" : "CVE-2022-24736", "mitigation" : { "value" : "If Lua scripting is not being used, this vulnerability can be mitigated by preventing access to SCRIPT LOAD and EVAL commands using ACL rules.", "lang" : "en:us" }, "csaw" : false }