CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
10.5%
Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | redis | < 7.0.14-1 | redis-7.0.14-1.mga9 |