CVE-2023-22458: Integer overflow in multiple Redis commands can lead to denial-of-service
First published: Fri Jan 20 2023(Updated: )
Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/redis | <6.2.9 | 6.2.9 |
| redhat/redis | <7.0.8 | 7.0.8 |
| ioredis | >=6.2.0<6.2.9 | |
| ioredis | >=7.0.0<7.0.8 | |
| IBM Planning Analytics Cloud | <=2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/245242
- https://www.ibm.com/support/pages/node/7096528 (Advisory)
- https://github.com/redis/redis/security/advisories/GHSA-r8w2-2m53-gprj
- https://github.com/redis/redis/commit/16f408b1a0121cacd44cbf8aee275d69dc627f02
- https://github.com/redis/redis/releases/tag/6.2.9
- https://github.com/redis/redis/releases/tag/7.0.8
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2163172
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2163170
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2163174
- https://access.redhat.com/errata/RHSA-2025:0595
- https://bugzilla.redhat.com/show_bug.cgi?id=2163132
Frequently Asked Questions
What is CVE-2023-22458?
CVE-2023-22458 is a vulnerability in Redis that allows authenticated users to trigger a denial-of-service by crashing Redis with an assertion failure.
Which versions of Redis are affected by CVE-2023-22458?
Redis versions 6.2 up to but not including 6.2.9, as well as versions 7.0 up to but not including 7.0.8, are affected by CVE-2023-22458.
What is the severity of CVE-2023-22458?
CVE-2023-22458 has a severity rating of 5.5 (medium).
How can authenticated users exploit CVE-2023-22458?
Authenticated users can exploit CVE-2023-22458 by issuing a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments.
How can I fix CVE-2023-22458?
To fix CVE-2023-22458, update Redis to version 6.2.9 or 7.0.8 or newer.
- agent/type
- agent/remedy
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/trending
- agent/severity
- agent/source
- agent/description
- agent/references
- agent/last-modified-date
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-22458
- agent/software-canonical-lookup
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/ibm-support
- source/IBM
- package-manager/redhat
- vendor/redis
- canonical/ioredis
- version/ioredis/6.2.0
- version/ioredis/7.0.0
- vendor/ibm
- canonical/ibm planning analytics cloud
- version/ibm planning analytics cloud/2.0