Redis is an advanced key-value store.
Security Fix(es):
Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626)
Integer overflow issue with Streams (CVE-2021-32627)
Integer overflow bug in the ziplist data structure (CVE-2021-32628)
Denial of service via Redis Standard Protocol (RESP) request
(CVE-2021-32675)
Integer overflow issue with intsets (CVE-2021-32687)
Integer overflow issue with strings (CVE-2021-41099)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | redis | < 3.2.8-5.el7ost | redis-3.2.8-5.el7ost.x86_64.rpm |
RedHat | 7 | ppc64le | redis | < 3.2.8-5.el7ost | redis-3.2.8-5.el7ost.ppc64le.rpm |
RedHat | 7 | x86_64 | redis-debuginfo | < 3.2.8-5.el7ost | redis-debuginfo-3.2.8-5.el7ost.x86_64.rpm |
RedHat | 7 | ppc64le | redis-debuginfo | < 3.2.8-5.el7ost | redis-debuginfo-3.2.8-5.el7ost.ppc64le.rpm |