CVE-2021-29478: Vulnerability in the COPY command for large intsets
First published: Tue May 04 2021(Updated: )
A flaw was found in redis. An integer overflow bug could be exploited to corrupt the heap and potentially result with remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redislabs Redis | >=6.2.0<6.2.3 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 |
Remedy
The flaw can be mitigated by disallowing usage of the CONFIG SET command via ACL configuration. This will prevent clients from setting the set-max-intset-entries configuration parameter. Please see https://redis.io/topics/acl for more information on how to do this.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-29478 https://nvd.nist.gov/vuln/detail/CVE-2021-29478 https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3
- https://bugzilla.redhat.com/show_bug.cgi?id=1957414
- https://access.redhat.com/errata/RHSA-2021:3016
- https://access.redhat.com/security/cve/cve-2021-29478
- https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPWBIZXA67JFIB63W2CNVVILCGIC2ME5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZJ6JGQ2ETZB2DWTQSGCOGG7EF3ILV4V/
- https://redis.io/
- https://security.gentoo.org/glsa/202107-20
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1957416
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1957415
- https://github.com/redis/redis/commit/789f10156009b404950ad717642a9496ed887083
- https://github.com/redis/redis/commit/046352069396fe3be0a50ca505cb65af15c0d995
- https://redis.io/topics/acl
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZJ6JGQ2ETZB2DWTQSGCOGG7EF3ILV4V/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPWBIZXA67JFIB63W2CNVVILCGIC2ME5/
Frequently Asked Questions
What is the vulnerability ID for this Redis flaw?
The vulnerability ID for this Redis flaw is CVE-2021-29478.
What is Redis?
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
What is the severity of CVE-2021-29478?
The severity of CVE-2021-29478 is high, with a CVSS score of 8.8.
How can CVE-2021-29478 be exploited?
CVE-2021-29478 can be exploited using an integer overflow bug in Redis version 6.2 before 6.2.3, which could potentially result in remote code execution.
How do I fix CVE-2021-29478?
To fix CVE-2021-29478, update Redis to version 6.2.3 or later.
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/severity
- agent/weakness
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-29478
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/references
- agent/description
- agent/tags
- agent/event
- vendor/redislabs
- canonical/redislabs redis
- version/redislabs redis/6.2.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34
- package-manager/redhat