Candidate: CVE-2020-14147
PublicDate: 2020-06-15 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14147
 https://github.com/antirez/redis/pull/6875
 https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
Description:
 An integer overflow in the getnum function in lua_struct.c in Redis before
 6.0.3 allows context-dependent attackers with permission to run Lua code in
 a Redis session to cause a denial of service (memory corruption and
 application crash) or possibly bypass intended sandbox restrictions via a
 large number, which triggers a stack-based buffer overflow. NOTE: this issue
 exists because of a CVE-2015-8080 regression.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H [7.7 HIGH]

Patches_redis:
upstream_redis: released (5:6.0.0-1)
precise/esm_redis: DNE
trusty_redis: ignored (out of standard support)
trusty/esm_redis: not-affected (code not present)
xenial_redis: ignored (end of standard support, was needs-triage)
bionic_redis: not-affected (code not present)
eoan_redis: ignored (reached end-of-life)
focal_redis: needed
groovy_redis: ignored (reached end-of-life)
hirsute_redis: not-affected (5:6.0.0-1)
impish_redis: not-affected (5:6.0.0-1)
jammy_redis: not-affected (5:6.0.0-1)
devel_redis: not-affected (5:6.0.0-1)
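The description above is compact: a digit string in a struct format spec is accumulated into an int with no bound, the wrapped result slips past a signed-only size check, and the packer then loops over that width into a fixed-size stack buffer. The following C program is an added illustration written for this entry, not code from Redis or from the linked pull request or commit. It reconstructs the shape of that bug and of the guard the CVE-2015-8080 fix introduced: an unchecked getnum beside a checked one, and a size-selection step that shows why the bound check alone is not enough. The function names getnum_unchecked, getnum_checked, optsize_unchecked, optsize_checked and would_smash_stack, the reuse of the name MAXINTSIZE, and the sample format specs are all assumptions made for the example; the real code's types and error paths differ in detail.

```c
#include <ctype.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Width limit for a packed integer. lua_struct.c has a MAXINTSIZE of its own;
 * reusing the name and the value 32 here is an assumption for this example. */
#define MAXINTSIZE 32

/* Pre-fix shape: accumulate digits with no bound. The original used int, where
 * signed overflow is undefined behaviour; unsigned arithmetic is used here so
 * the wraparound is deterministic for the demonstration. */
static int getnum_unchecked(const char **fmt, int df) {
    if (!isdigit((unsigned char)**fmt))
        return df;                      /* no count given: use the default */
    unsigned int a = 0;
    do {
        a = a * 10u + (unsigned int)(*(*fmt)++ - '0');
    } while (isdigit((unsigned char)**fmt));
    return (int)a;                      /* may have wrapped to a small or negative value */
}

/* Fixed shape: refuse the digit string before the multiply-add can pass INT_MAX.
 * Returns false where a Lua binding would raise an "integral size overflow" error. */
static bool getnum_checked(const char **fmt, int df, int *out) {
    if (!isdigit((unsigned char)**fmt)) {
        *out = df;
        return true;
    }
    int a = 0;
    do {
        int d = **fmt - '0';
        if (a > INT_MAX / 10 || a * 10 > INT_MAX - d)
            return false;               /* next digit would overflow int */
        a = a * 10 + d;
        (*fmt)++;
    } while (isdigit((unsigned char)**fmt));
    *out = a;
    return true;
}

/* Width selection for an integer format option, i.e. the caller of getnum.
 * A bound check of the form 'sz > MAXINTSIZE' on a signed value is exactly the
 * guard a wrapped negative count slips past; the width is then widened to
 * size_t, the type a packer loops over when filling a fixed-size buffer. */
static bool optsize_unchecked(const char *spec, size_t *size) {
    int sz = getnum_unchecked(&spec, (int)sizeof(int));
    if (sz > MAXINTSIZE)
        return false;                   /* rejected: visibly too large */
    *size = (size_t)sz;                 /* a negative sz becomes a huge size_t */
    return true;
}

/* Hardened width selection: overflow is rejected while parsing, and the
 * accepted value is range-checked on both ends before it is widened. */
static bool optsize_checked(const char *spec, size_t *size) {
    int sz;
    if (!getnum_checked(&spec, (int)sizeof(int), &sz))
        return false;                   /* rejected: digit string overflows int */
    if (sz < 1 || sz > MAXINTSIZE)
        return false;                   /* rejected: outside the buffer the packer owns */
    *size = (size_t)sz;
    return true;
}

/* What a packer would do with the accepted width: a loop bounded by 'size'
 * writing into char buff[MAXINTSIZE]. Report the out-of-bounds write rather
 * than perform it. */
static bool would_smash_stack(size_t size) {
    return size > MAXINTSIZE;
}

int main(void) {
    /* Constructed format counts: in range, at the limit, over the limit, and two
     * that wrap a 32-bit int (UINT_MAX -> -1, INT_MAX + 1 -> INT_MIN). */
    const char *specs[] = { "4", "32", "33", "4294967295", "2147483648" };
    for (size_t i = 0; i < sizeof specs / sizeof *specs; i++) {
        size_t sz = 0;
        bool old_ok = optsize_unchecked(specs[i], &sz);
        printf("count %-11s unchecked: %-29s checked: %s\n", specs[i],
               !old_ok ? "rejected"
                       : would_smash_stack(sz) ? "ACCEPTED, would overflow buff"
                                               : "accepted",
               optsize_checked(specs[i], &sz) ? "accepted" : "rejected");
    }
    return 0;
}
```

The two wrapping counts are the instructive rows: the unchecked path rejects "33" but accepts "4294967295" and "2147483648", because after wraparound neither is greater than MAXINTSIZE as an int, and each then becomes a size_t far beyond the buffer. The checked path fails them inside getnum_checked before any comparison against the limit is reached, which is why the guard belongs in the digit loop and not only at the consumer.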