Bug 34650 - redis new security issue CVE-2025-49844 and CVE-2025-4681[7-9]
Summary: redis new security issue CVE-2025-49844 and CVE-2025-4681[7-9]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2025-10-08 09:01 CEST by Nicolas Salguero
Modified: 2025-11-21 20:57 CET (History)
CC: 5 users

See Also:
Source RPM: redis-7.2.10-1.mga9.src.rpm
CVE: CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819
Status comment:



Description Nicolas Salguero 2025-10-08 09:01:44 CEST
https://www.openwall.com/lists/oss-security/2025/10/07/2
Comment 1 Nicolas Salguero 2025-10-08 09:03:56 CEST
Fix: https://github.com/redis/redis/commit/d5728cb5795c966c5b5b1e0f0ac576a7e69af539

Source RPM: (none) => redis-8.0.3-1.mga10.src.rpm, redis-7.2.10-1.mga9.src.rpm
CVE: (none) => CVE-2025-49844
Status comment: (none) => Fixed upstream in 8.2.2 and patch available from upstream
Whiteboard: (none) => MGA9TOO

Comment 2 Marja Van Waes 2025-10-08 10:14:22 CEST
Assigning to our redis maintainer.

CC: (none) => marja11
Assignee: bugsquad => mageia

Nicolas Salguero 2025-11-17 13:32:13 CET

Source RPM: redis-8.0.3-1.mga10.src.rpm, redis-7.2.10-1.mga9.src.rpm => redis-7.2.10-1.mga9.src.rpm
Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9

Marc Krämer 2025-11-18 12:17:27 CET

CVE: CVE-2025-49844 => CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819

Comment 3 Nicolas Salguero 2025-11-19 08:57:07 CET
Suggested advisory:
========================

The updated package fixes security vulnerabilities:

A Lua script may lead to remote code execution. (CVE-2025-49844)

A Lua script may lead to integer overflow and potential RCE. (CVE-2025-46817)

A Lua script can be executed in the context of another user. (CVE-2025-46818)

Lua out-of-bounds read. (CVE-2025-46819)

References:
https://www.openwall.com/lists/oss-security/2025/10/07/2
https://github.com/redis/redis/releases/tag/7.2.11
https://github.com/redis/redis/releases/tag/7.2.12
========================

Updated packages in core/updates_testing:
========================
redis-7.2.12-1.mga9

from SRPM:
redis-7.2.12-1.mga9.src.rpm

Status: NEW => ASSIGNED
Status comment: Fixed upstream in 8.2.2 and patch available from upstream => (none)
Summary: redis new security issue CVE-2025-49844 => redis new security issue CVE-2025-49844 and CVE-2025-4681[7-9]
Assignee: mageia => qa-bugs
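
A defender-side check for the exposure these CVEs need, added here as an example (it is not code from the bug report, from Mageia or from the redis project). It parses redis-cli's INFO server and ACL LIST output to flag an unpatched branch and the users still allowed to run Lua; the fixed versions are taken from this bug, the ACL evaluation models only the @all and @scripting categories, and the sample output is constructed.

```python
# Added example (not the bug's or redis's own code): a defender's check that
# parses "INFO server" and "ACL LIST" text, reports whether redis_version is at
# or past the fixed release of its branch, and which ACL users can still run
# Lua scripts. Assumptions: fixed releases come from this bug (7.2.12 for 7.2,
# 8.2.2 for 8.2); only the @all and @scripting categories are modelled.
FIXED_BY_BRANCH = {(7, 2): (7, 2, 12), (8, 2): (8, 2, 2)}
# Commands in the @scripting ACL category that execute Lua on the server.
SCRIPTING_CMDS = {"eval", "evalsha", "eval_ro", "evalsha_ro",
                  "fcall", "fcall_ro", "function", "script"}

def parse_info_version(info_text):
    """Extract redis_version from INFO output as a comparable tuple of ints."""
    for line in info_text.splitlines():
        if line.startswith("redis_version:"):
            return tuple(int(p) for p in line.split(":", 1)[1].strip().split("."))
    raise ValueError("redis_version not found in INFO output")

def is_patched(version):
    """True/False for a branch this bug names a fix for, None otherwise."""
    fixed = FIXED_BY_BRANCH.get(tuple(version[:2]))
    return None if fixed is None else tuple(version) >= fixed

def scripting_allowed(rules):
    """Evaluate one user's ACL command rules; later rules override earlier ones."""
    allowed = set()
    for rule in rules:
        r = rule.lower()
        if r in ("+@all", "allcommands", "+@scripting"):
            allowed = set(SCRIPTING_CMDS)
        elif r in ("-@all", "nocommands", "-@scripting"):
            allowed = set()
        elif r[:1] in ("+", "-") and r[1:2] != "@":
            cmd = r[1:].split("|", 1)[0]  # +script|exists counts as the whole command (conservative)
            if cmd in SCRIPTING_CMDS:
                (allowed.add if r[0] == "+" else allowed.discard)(cmd)
    return bool(allowed)

def users_with_scripting(acl_list_text):
    """Map each ACL LIST user to whether it can run Lua; 'off' users are False."""
    result = {}
    for line in acl_list_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "user":
            result[parts[1]] = "off" not in parts[2:] and scripting_allowed(parts[2:])
    return result

# Constructed sample output, not captured from the machine tested in this bug.
INFO_SAMPLE = "# Server\r\nredis_version:7.2.10\r\nredis_mode:standalone\r\n"
ACL_SAMPLE = ("user default on nopass sanitize-payload ~* &* +@all\n"
              "user app on #<hash> ~app:* resetchannels -@all +@read +@write\n"
              "user ops on #<hash> ~* &* -@all +@read +eval\n")
```

Run it against real output with `redis-cli INFO server` and `redis-cli ACL LIST` piped into the two parsers; any user reported True on an unpatched branch is the case the advisory describes.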

Comment 4 Marc Krämer 2025-11-19 11:15:21 CET
Thx Nicolas, I did not have time to write the advisory

CC: (none) => mageia

Comment 5 Herman Viaene 2025-11-20 13:52:46 CET
MGA9-64 server Plasma Wayland on Compaq H000SB.
No installation issues, installed ntopng to run the tests. 
Ref bug 34452 Comment 6
# systemctl start redis
# systemctl -l status redis
● redis.service - Redis persistent key-value database
     Loaded: loaded (/usr/lib/systemd/system/redis.service; disabled; preset: disabled)
    Drop-In: /usr/lib/systemd/system/redis.service.d
             └─limit.conf
     Active: active (running) since Thu 2025-11-20 13:39:46 CET; 15s ago
   Main PID: 134996 (redis-server)
      Tasks: 6 (limit: 8805)
     Memory: 3.1M
        CPU: 102ms
     CGroup: /system.slice/redis.service
             └─134996 "/usr/bin/redis-server 127.0.0.1:6379"

Nov 20 13:39:46 mach3.hviaene.thuis systemd[1]: Started redis.service.
#  ntopng -i wlo1 > ntopng.session
^C
[root@mach3 ~]# 
[root@mach3 ~]# file ntopng.session 
ntopng.session: HTML document, ASCII text, with very long lines (411)
Displayed file, at the end:
20/Nov/2025 13:42:55 [NetworkInterface.cpp:2735] Started packet polling on interface wlo1 [id: 0]...
20/Nov/2025 13:43:03 [main.cpp:50] Shutting down...
20/Nov/2025 13:43:03 [NetworkInterface.cpp:2621] Flow dump thread completed for wlo1
20/Nov/2025 13:43:04 [PcapInterface.cpp:336] Terminated packet polling for wlo1
20/Nov/2025 13:43:05 [Ntop.cpp:2540] Terminating periodic activities
20/Nov/2025 13:43:06 [Ntop.cpp:2546] Executing shutdown script
20/Nov/2025 13:43:10 [ProtoStats.cpp:35] [IPv4]  119.98 KB/303.00 Packets
20/Nov/2025 13:43:10 [ProtoStats.cpp:35] [IPv6]  25.89 KB/73.00 Packets
20/Nov/2025 13:43:10 [ProtoStats.cpp:35] [ARP]   400 B/8.00 Packets
20/Nov/2025 13:43:10 [ProtoStats.cpp:35] [MPLS]  0 B/0.00 Packets
20/Nov/2025 13:43:10 [ProtoStats.cpp:35] [Other] 960 B/16.00 Packets
20/Nov/2025 13:43:10 [Ntop.cpp:2528] Polling shut down [interface: wlo1]
20/Nov/2025 13:43:10 [HTTPserver.cpp:1555] HTTP server terminated
20/Nov/2025 13:43:10 [NetworkInterface.cpp:544] Flushing host contacts for interface wlo1
20/Nov/2025 13:43:10 [NetworkInterface.cpp:2778] Cleanup interface wlo1
20/Nov/2025 13:43:10 [AddressResolution.cpp:63] Address resolution stats [5 resolved][3 failures]
So some packages have been seen, OK for me

$ redis-cli < redistutorial 
OK
"pluto"
OK
(integer) 8
(integer) 9
"9"
(integer) 1
(integer) 1
OK
(integer) 1
(integer) 40
(integer) 40
(integer) 40
OK
(integer) 4
(integer) 5
(integer) 6
1) "David"
2) "David"
3) "Suzy"
4) "Zack"
5) "Suzy"
6) "Zack"
1) "David"
2) "David"
1) "David"
2) "Suzy"
All looks well to me

CC: (none) => herman.viaene
Whiteboard: (none) => MGA9-64-OK

katnatek 2025-11-20 21:01:40 CET

Keywords: (none) => advisory

Comment 6 Thomas Andrews 2025-11-21 13:23:07 CET
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 7 Mageia Robot 2025-11-21 20:57:10 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0307.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

