{
  "threat_severity" : "Moderate",
  "public_date" : "2023-01-17T00:00:00Z",
  "bugzilla" : {
    "description" : "redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic",
    "id" : "2163133",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2163133"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "A flaw was found in Redis, an in-memory database that persists on disk. This flaw allows authenticated users to issue specially crafted `SETRANGE` and `SORT(_RO)` commands to trigger an integer overflow, resulting in Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-01-22T00:00:00Z",
    "advisory" : "RHSA-2025:0595",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "redis:6-8100020250113083959.489197e6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat 3scale API Management Platform 2",
    "fix_state" : "Affected",
    "package_name" : "3scale-amp-backend-container",
    "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/search-api-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Ansible Automation Platform 1.2",
    "fix_state" : "Will not fix",
    "package_name" : "ansible-tower",
    "cpe" : "cpe:/a:redhat:ansible_automation_platform"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "redis",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "redis",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Fuse 7",
    "fix_state" : "Not affected",
    "package_name" : "redis",
    "cpe" : "cpe:/a:redhat:jboss_fuse:7"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Out of support scope",
    "package_name" : "redis",
    "cpe" : "cpe:/a:redhat:openstack:13"
  }, {
    "product_name" : "Red Hat Quay 3",
    "fix_state" : "Will not fix",
    "package_name" : "quay/quay-rhel8",
    "cpe" : "cpe:/a:redhat:quay:3"
  }, {
    "product_name" : "Red Hat Satellite 6",
    "fix_state" : "Not affected",
    "package_name" : "satellite:el8/rubygem-gitlab-sidekiq-fetcher",
    "cpe" : "cpe:/a:redhat:satellite:6"
  }, {
    "product_name" : "Red Hat Satellite 6",
    "fix_state" : "Not affected",
    "package_name" : "tfm-rubygem-gitlab-sidekiq-fetcher",
    "cpe" : "cpe:/a:redhat:satellite:6"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Will not fix",
    "package_name" : "rh-redis6-redis",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-35977\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-35977\nhttps://github.com/redis/redis/security/advisories/GHSA-mrcw-fhw9-fj8j" ],
  "name" : "CVE-2022-35977",
  "csaw" : false
}