CVE-2023-36824

CVSS V2 None CVSS V3 None

Description

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12.

Overview

CVE ID
CVE-2023-36824

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2023-07-11T16:16:16.432Z

Last Modified Date
2023-07-11T16:16:16.432Z

Weakness Enumerations

CWE	URL
CWE-122	http://cwe.mitre.org/data/definitions/122.html
CWE-131	http://cwe.mitre.org/data/definitions/131.html

References

Reference URL	Reference Tags
https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3	x_refsource_CONFIRM
https://github.com/redis/redis/releases/tag/7.0.12	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDNNH2ONMVNBQ6LUIAOAGDNFPKXNST5K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MIF5MAGYARYUMRFK7PQI7HYXMK2HZE5T/
https://security.netapp.com/advisory/ntap-20230814-0009/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-36824
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36824

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 16:56:14				Added to TrackCVE