| Summary: | Redis Security Update - CVE-2023-25155, CVE-2022-36021 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | Stig-Ørjan Smelror <smelror> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | | |
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, sysadmin-bugs, tarazed25 |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA8-64-OK | | |
| Source RPM: | | CVE: | CVE-2023-25155, CVE-2022-36021 |
| Status comment: | | | |
| Bug Depends on: | | | |
| Bug Blocks: | 31174 | | |

Description
Stig-Ørjan Smelror
2023-03-01 14:45:59 CET
Advisory
========

Redis version 7.0.9 contains an update to 2 critical security issues.

(CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process.

(CVE-2022-36021) String matching commands (like SCAN or KEYS) can be used with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time.

References
==========

https://github.com/redis/redis/releases/tag/6.0.18

Files
=====

Uploaded to core/updates_testing

redis-6.0.18-1.mga8

from redis-6.0.18-1.mga8.src.rpm

Assignee: smelror => qa-bugs

Stig-Ørjan Smelror
2023-03-01 14:56:41 CET
CVE: (none) => CVE-2023-25155, CVE-2022-36021

Updated the package for Mageia8, x86_64.
Restarted the redis server. Referred to earlier bugs which used a condensed tutorial script. Fed that to the command line application and saw the expected results, as on all other occasions.

```
$ redis-cli < tutorial
OK
"rapunzel"
OK
(integer) 8
(integer) 9
"9"
(integer) 1
(integer) 1
OK
[...]
```

IIRC redis creates a database in RAM which hangs around to act as an active container for numerical and text data at least and provides some extra functionality, like arithmetic.

```
$ urpmq --whatrequires-recursive redis
ntopng
redis
# ntopng -i eno1 > session.ntopng
^C^C
# head session.ntopng
01/Mar/2023 20:12:39 [Ntop.cpp:2336] Setting local networks to 127.0.0.0/8,fe80::/10
01/Mar/2023 20:12:39 [Redis.cpp:157] Successfully connected to redis 127.0.0.1:6379@0
01/Mar/2023 20:12:39 [Redis.cpp:157] Successfully connected to redis 127.0.0.1:6379@0
01/Mar/2023 20:12:40 [PcapInterface.cpp:93] Reading packets from eno1 [id: 0]
01/Mar/2023 20:12:40 [Ntop.cpp:2441] Registered interface eno1 [id: 0]
01/Mar/2023 20:12:40 [main.cpp:312] PID stored in file /var/run/ntopng/ntopng.pid
01/Mar/2023 20:12:40 [Geolocation.cpp:107] Running without geolocation support.
01/Mar/2023 20:12:40 [Geolocation.cpp:108] To enable geolocation follow the instructions at
01/Mar/2023 20:12:40 [Geolocation.cpp:109] https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
01/Mar/2023 20:12:40 [HTTPserver.cpp:1529] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts]
# cat /var/run/ntopng/ntopng.pid
1507319
$ ps aux | grep ntopng
ntopng 1507319 1.9 0.6 3022956 214028 pts/7 SLl+ 20:18 0:03 ntopng -i eno1
```

Fair enough. Letting this go.

CC: (none) => tarazed25

Validating. Advisory in comment 1.

CC: (none) => andrewsfarm, sysadmin-bugs

Dave Hodgins
2023-03-10 00:23:37 CET
Keywords: (none) => advisory

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0086.html

Status: NEW => RESOLVED

David Walser
2023-04-20 17:50:38 CEST
Blocks: (none) => 31174