diff --git a/content/operate/kubernetes/release-notes/7-2-4-releases/7-2-4-12-08-2024.md b/content/operate/kubernetes/release-notes/7-2-4-releases/7-2-4-12-08-2024.md index 0a09f771db..b7a398d4e5 100644 --- a/content/operate/kubernetes/release-notes/7-2-4-releases/7-2-4-12-08-2024.md +++ b/content/operate/kubernetes/release-notes/7-2-4-releases/7-2-4-12-08-2024.md @@ -22,6 +22,8 @@ This is a maintenance release to support Redis Enterprise Software version 7.2.4 ## Version changes +For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{}}). + ### Breaking changes The following changes included in this release affect the upgrade process. Please read carefully before upgrading to 7.2.4-12. @@ -42,6 +44,7 @@ Versions 6.4.2-4 and later include a new `ValidatingWebhookConfiguration` resour Versions 6.4.2-6 and later include a new SCC (`redis-enterprise-scc-v2`) that you need to bind to your service account before upgrading. OpenShift clusters running version 6.2.12 or earlier upgrading to version 6.2.18 or later might get stuck if you skip this step. See [upgrade a Redis Enterprise cluster (REC)]({{< relref "/operate/kubernetes/upgrade/upgrade-redis-cluster#before-upgrading" >}}) for instructions. + ### Upcoming changes - A future release of Redis Enterprise will remove support for RHEL7. We recommend migrating to RHEL8. diff --git a/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2-oct24.md b/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2-oct24.md index e9b5832cc3..7b028d7f09 100644 --- a/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2-oct24.md +++ b/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2-oct24.md 
@@ -12,7 +12,11 @@ weight: 3 ## Highlights -This is a maintenance release to support [Redis Enterprise Software version 7.4.6-77]({{}}). For version changes, supported distributions, and known limitations, see the [release notes for 7-4-6-2 (July 2024)]({{}}). +This is a maintenance release to support [Redis Enterprise Software version 7.4.6-77]({{}}). For version changes, supported distributions, and known limitations, see the [release notes for 7-4-6-2 (July 2024)]({{}}). + +## Version changes + +For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{}}). ## Downloads diff --git a/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2.md b/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2.md index 7c89bcfc02..6d9672af5a 100644 --- a/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2.md +++ b/content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2.md @@ -33,6 +33,8 @@ The primary purpose of this release is to support [Redis Enterprise Software ver ## Version changes +For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{}}). + ### Breaking changes The following changes included in this release affect the upgrade process. Please read carefully before upgrading. diff --git a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-110.md b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-110.md index 93fbc82f9b..e3f231cdac 100644 --- a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-110.md +++ b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-110.md 
@@ -108,6 +108,10 @@ Redis Enterprise 6.4.2-110 supports open source Redis 6.2 and 6.0. Below is the Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup. (Redis 6.2.14) diff --git a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-115.md b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-115.md index 93eb1565db..3d5c4bf7c7 100644 --- a/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-115.md +++ b/content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-115.md 
@@ -100,6 +100,10 @@ Redis Enterprise 6.4.2-115 supports open source Redis 6.2 and 6.0. Below is the Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup. (Redis 6.2.14) diff --git a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109.md b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109.md index 9febeda6c8..18e3a69c97 100644 --- a/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109.md +++ b/content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109.md 
@@ -104,12 +104,20 @@ Redis Enterprise 7.2.4-109 supports open source Redis 7.2, 6.2, and 6.0. Below i Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -140,6 +148,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup. (Redis 6.2.14) diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-169.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-169.md index 4610d44ff4..2ac4e1c5c2 100644 --- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-169.md +++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-169.md 
@@ -148,12 +148,20 @@ Redis Enterprise 7.4.2 supports Redis 7.2, 6.2, and 6.0. Below is the list of Re Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -184,6 +192,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup. (Redis 6.2.14) diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-216.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-216.md index 5a110942d9..d172d01f79 100644 --- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-216.md +++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-216.md 
@@ -139,12 +139,20 @@ Redis Enterprise 7.4.2 supports Redis 7.2, 6.2, and 6.0. Below is the list of Re Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -175,6 +183,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup. (Redis 6.2.14) diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-102.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-102.md index 572fd77b21..0a5260f202 100644 --- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-102.md +++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-102.md 
@@ -217,12 +217,20 @@ Redis Enterprise 7.4.6-102 supports open source Redis 7.2, 6.2, and 6.0. Below i Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -253,6 +261,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-28856) Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access. (Redis 6.2.12) - (CVE-2023-25155) Specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (Redis 6.2.11) diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22.md index 83e10e9d49..d6f1d273b9 100644 --- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22.md +++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22.md 
@@ -205,12 +205,20 @@ Redis Enterprise 7.4.6-22 supports open source Redis 7.2, 6.2, and 6.0. Below is Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -241,6 +249,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-28856) Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access. (Redis 6.2.12) - (CVE-2023-25155) Specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (Redis 6.2.11) diff --git a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-77.md b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-77.md index 0f9ffe6c14..2d2a1516a4 100644 --- a/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-77.md +++ b/content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-77.md 
@@ -229,12 +229,20 @@ Redis Enterprise 7.4.6-77 supports open source Redis 7.2, 6.2, and 6.0. Below is Redis 7.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1) Redis 7.0.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. 
- (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13) @@ -265,6 +273,10 @@ Redis 7.0.x: Redis 6.2.x: +- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. + +- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. + - (CVE-2023-28856) Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access. (Redis 6.2.12) - (CVE-2023-25155) Specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (Redis 6.2.11)
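Review bot: In the `7-4-6-2-oct24.md` and `7-4-6-2.md` hunks, the new `## Version changes` pointer sends readers to the Redis Enterprise 7.2.4-109 release notes, but the same page states that the operator release supports Redis Enterprise Software 7.4.6-77, and `rs-7-4-6-77.md` receives the same CVE entries in this patch; point the 7.4.6 operator pages at the 7.4.6-77 notes (the software build they bundle) rather than 7.2.4-109, and keep the 7.2.4-109 link only on the 7.2.4-12 page, where it matches the supported software version. In `7-4-6-2-oct24.md` the removed and added `This is a maintenance release to support ...` lines read identically here, so that part of the hunk looks like a whitespace-only change; drop it or confirm it is intended.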
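Review bot: The new `CVE-2024-31449` and `CVE-2024-31228` bullets in every `rs-*.md` hunk omit the trailing `(Redis x.y.z)` tag that the neighbouring entries use to record the open source release carrying the fix (`(Redis 6.2.14)`, `(Redis 7.2.1)`, `(Redis 7.0.13)`, `(Redis 6.2.12)`); add the fixed-in version to each of the 7.2.x, 7.0.x and 6.2.x lists so a reader can map the entry to an upstream release, and check that the 7.0.x list should carry it at all if no 7.0 release shipped the fix. Minor wording: `trigger a denial-of-service` uses the adjective form as a noun; `trigger a denial of service` matches `lead to remote code execution` in the entry above it.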
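Review bot: The same two 2024 CVE bullets are inserted into release notes for builds that predate them (`rs-6-4-2-110.md`, `rs-6-4-2-115.md`, `rs-7-2-4-109.md`, `rs-7-4-2-169.md`, `rs-7-4-2-216.md`, `rs-7-4-6-22.md`, `rs-7-4-6-77.md`, `rs-7-4-6-102.md`), in a section the new Kubernetes pointer describes as "a list of fixes related to CVEs". If these pages are a per-build record, each entry belongs only on the build that first ships the fix; if they are a running list per supported Redis line, say so in the lead sentence and state in each bullet which Redis Enterprise build contains the fix, otherwise a reader on 6.4.2-110 will conclude they are already covered.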
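Review bot: In the `7-2-4-12-08-2024.md` hunk at `@@ -42,6 +44,7 @@`, the only change is an added empty line before `### Upcoming changes`, which is unrelated to the CVE pointer this patch is about and leaves extra spacing between the SCC paragraph and the heading; drop the stray line, or move it to a separate formatting change if the page's other headings are meant to be separated the same way.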