Candidate: CVE-2021-32628
PublicDate: 2021-10-04 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628
 https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr
 https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
Description:
 Redis is an open source, in-memory database that persists on disk. An
 integer overflow bug in the ziplist data structure used by all versions of
 Redis can be exploited to corrupt the heap and potentially result with
 remote code execution. The vulnerability involves modifying the default
 ziplist configuration parameters (hash-max-ziplist-entries,
 hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value)
 to a very large value, and then constructing specially crafted commands to
 create very large ziplists. The problem is fixed in Redis versions 6.2.6,
 6.0.16, 5.0.14. An additional workaround to mitigate the problem without
 patching the redis-server executable is to prevent users from modifying the
 above configuration parameters. This can be done using ACL to restrict
 unprivileged users from using the CONFIG SET command.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H [7.5 HIGH]


Patches_redis:
upstream_redis: released (5:6.0.16-1)
trusty_redis: ignored (out of standard support)
trusty/esm_redis: needed
xenial_redis: ignored (out of standard support)
bionic_redis: needed
focal_redis: needed
hirsute_redis: ignored (reached end-of-life)
impish_redis: needed
jammy_redis: not-affected (5:6.0.16-1)
devel_redis: not-affected (5:6.0.16-1)