From 3f2a76b99a158ac8b7d5cada317e13744f142675 Mon Sep 17 00:00:00 2001
From: Rachel Elledge
Date: Fri, 3 Oct 2025 18:04:19 -0500
Subject: [PATCH 1/2] DOC-5773 Added Bret and Grace CVE fixes to RS release notes
---
 .../rs-7-2-4-releases/rs-7-2-4-138.md | 8 ++++++++
 .../rs-7-22-releases/rs-7-22-2-14.md | 16 ++++++++++++++++
 .../rs-7-4-2-releases/rs-7-4-6-272.md | 8 ++++++++
 .../rs-7-8-releases/rs-7-8-6-207.md | 16 ++++++++++++++++
 4 files changed, 48 insertions(+)
diff --git a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
index 9140e0274..c4a1a093f 100644
--- a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
+++ b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
@@ -95,6 +95,14 @@ Redis Enterprise 7.2.4-138 supports open source Redis 7.2, 6.2, and 6.0. Below i
 Redis 7.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md b/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
index bbbee9050..1c86ac78f 100644
--- a/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
+++ b/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
@@ -163,12 +163,28 @@ Redis Enterprise Software 7.22.2-14 supports open source Redis 7.4, 7.2, and 6.2
 Redis 7.4.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
 Redis 7.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
index dd56c9e3a..f0c55ee8c 100644
--- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
+++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
@@ -216,6 +216,14 @@ Redis Enterprise 7.4.6-272 supports open source Redis 7.2, 6.2, and 6.0. Below i
 Redis 7.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
index 078cc0ef2..032379d7a 100644
--- a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
+++ b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
@@ -145,12 +145,28 @@ Redis Software 7.8.6-207 supports open source Redis 7.4, 7.2, and 6.2. Below is
 Redis 7.4.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
 Redis 7.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
From 7a59a8dcf336f65d5dd20831ead2baab3d6f1354 Mon Sep 17 00:00:00 2001
From: Rachel Elledge
Date: Tue, 7 Oct 2025 10:29:22 -0700
Subject: [PATCH 2/2] DOC-5773 Added Bret & Grace CVEs to Redis 6.2 sections of RS release notes
---
 .../rs/release-notes/rs-6-4-2-releases/rs-6-4-2-131.md | 8 ++++++++
 .../rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md | 8 ++++++++
 .../rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md | 8 ++++++++
 .../rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md | 8 ++++++++
 .../rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md | 8 ++++++++
 5 files changed, 40 insertions(+)
diff --git a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-131.md b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-131.md
index 2c2ea4ec2..aeeb55746 100644
--- a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-131.md
+++ b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-131.md
@@ -96,6 +96,14 @@ Redis Enterprise 6.4.2-131 supports open source Redis 6.2 and 6.0. Below is the
 Redis 6.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
index c4a1a093f..d70026e50 100644
--- a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
+++ b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-138.md
@@ -151,6 +151,14 @@ Redis 7.0.x:
 Redis 6.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md b/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
index 1c86ac78f..a2f701fdc 100644
--- a/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
+++ b/content/operate/rs/release-notes/rs-7-22-releases/rs-7-22-2-14.md
@@ -233,6 +233,14 @@ Redis 7.0.x:
 Redis 6.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
index f0c55ee8c..87661c6a2 100644
--- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
+++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-272.md
@@ -272,6 +272,14 @@ Redis 7.0.x:
 Redis 6.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.
diff --git a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
index 032379d7a..5c4365a22 100644
--- a/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
+++ b/content/operate/rs/release-notes/rs-7-8-releases/rs-7-8-6-207.md
@@ -215,6 +215,14 @@ Redis 7.0.x:
 Redis 6.2.x:
+- (CVE-2025-46818) An authenticated user may use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user.
+
+- (CVE-2025-46819) An authenticated user may use a specially crafted LUA script to read out-of-bound data or crash the server and lead to subsequent denial of service.
+
+- (CVE-2025-46817) An authenticated user may use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution.
+
+- (CVE-2025-49844) An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution.
+
 - (CVE-2025-32023) An authenticated user can use a specially crafted string to trigger a stack/heap out-of-bounds write on HyperLogLog operations, which can lead to remote code execution.
 - (CVE-2025-21605) An unauthenticated client can cause unlimited growth of output buffers until the server runs out of memory or is terminated, which can lead to denial-of-service.