RS: Add CVEs to release notes

content/operate/kubernetes/release-notes/7-2-4-releases/7-2-4-12-08-2024.md

@@ -22,6 +22,8 @@ This is a maintenance release to support Redis Enterprise Software version 7.2.4
 
 ## Version changes
 
+For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{<relref "operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109">}}).
+
 ### Breaking changes
 
 The following changes included in this release affect the upgrade process. Please read carefully before upgrading to 7.2.4-12.
@@ -42,6 +44,7 @@ Versions 6.4.2-4 and later include a new `ValidatingWebhookConfiguration` resour
 
 Versions 6.4.2-6 and later include a new SCC (`redis-enterprise-scc-v2`) that you need to bind to your service account before upgrading. OpenShift clusters running version 6.2.12 or earlier upgrading to version 6.2.18 or later might get stuck if you skip this step. See [upgrade a Redis Enterprise cluster (REC)]({{< relref "/operate/kubernetes/upgrade/upgrade-redis-cluster#before-upgrading" >}}) for instructions.
 
+
 ### Upcoming changes
 
 - A future release of Redis Enterprise will remove support for RHEL7. We recommend migrating to RHEL8.

content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2-oct24.md

@@ -12,7 +12,11 @@ weight: 3
 
 ## Highlights
 
-This is a maintenance release to support [Redis Enterprise Software version 7.4.6-77]({{<relref "/operate/rs/release-notes/rs-7-4-2-releases/">}}). For version changes, supported distributions, and known limitations, see the [release notes for 7-4-6-2 (July 2024)]({{<relref "/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2">}}). 
+This is a maintenance release to support [Redis Enterprise Software version 7.4.6-77]({{<relref "/operate/rs/release-notes/rs-7-4-2-releases/">}}). For version changes, supported distributions, and known limitations, see the [release notes for 7-4-6-2 (July 2024)]({{<relref "/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2">}}).
+
+## Version changes
+
+For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{<relref "/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-77">}}).
 
 ## Downloads
 

content/operate/kubernetes/release-notes/7-4-6-releases/7-4-6-2.md

@@ -33,6 +33,8 @@ The primary purpose of this release is to support [Redis Enterprise Software ver
 
 ## Version changes
 
+For a list of fixes related to CVEs, see the [Redis Enterprise 7.2.4-109 release notes]({{<relref "/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22">}}).
+
 ### Breaking changes
 
 The following changes included in this release affect the upgrade process. Please read carefully before upgrading.

content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-110.md

@@ -108,6 +108,10 @@ Redis Enterprise 6.4.2-110 supports open source Redis 6.2 and 6.0. Below is the
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
 race condition that can be used by another process to bypass desired Unix
 socket permissions on startup. (Redis 6.2.14)

content/operate/rs/release-notes/rs-6-4-2-releases/rs-6-4-2-115.md

@@ -100,6 +100,10 @@ Redis Enterprise 6.4.2-115 supports open source Redis 6.2 and 6.0. Below is the
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
 race condition that can be used by another process to bypass desired Unix
 socket permissions on startup. (Redis 6.2.14)

content/operate/rs/release-notes/rs-7-2-4-releases/rs-7-2-4-109.md

@@ -104,12 +104,20 @@ Redis Enterprise 7.2.4-109 supports open source Redis 7.2, 6.2, and 6.0. Below i
 
 Redis 7.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1)
 
 Redis 7.0.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13)
@@ -140,6 +148,10 @@ Redis 7.0.x:
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
 race condition that can be used by another process to bypass desired Unix
 socket permissions on startup. (Redis 6.2.14)

content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-169.md

@@ -148,12 +148,20 @@ Redis Enterprise 7.4.2 supports Redis 7.2, 6.2, and 6.0. Below is the list of Re
 
 Redis 7.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1)
 
 Redis 7.0.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13)
@@ -184,6 +192,10 @@ Redis 7.0.x:
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
 race condition that can be used by another process to bypass desired Unix
 socket permissions on startup. (Redis 6.2.14)

content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-2-216.md

@@ -139,12 +139,20 @@ Redis Enterprise 7.4.2 supports Redis 7.2, 6.2, and 6.0. Below is the list of Re
 
 Redis 7.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1)
 
 Redis 7.0.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13)
@@ -175,6 +183,10 @@ Redis 7.0.x:
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
 race condition that can be used by another process to bypass desired Unix
 socket permissions on startup. (Redis 6.2.14)

content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-102.md

@@ -217,12 +217,20 @@ Redis Enterprise 7.4.6-102 supports open source Redis 7.2, 6.2, and 6.0. Below i
 
 Redis 7.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1)
 
 Redis 7.0.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13)
@@ -253,6 +261,10 @@ Redis 7.0.x:
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-28856) Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access. (Redis 6.2.12)
 
 - (CVE-2023-25155) Specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (Redis 6.2.11)

content/operate/rs/release-notes/rs-7-4-2-releases/rs-7-4-6-22.md

@@ -205,12 +205,20 @@ Redis Enterprise 7.4.6-22 supports open source Redis 7.2, 6.2, and 6.0. Below is
 
 Redis 7.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.2.1)
 
 Redis 7.0.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers, which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
 
 - (CVE-2023-41053) Redis does not correctly identify keys accessed by `SORT_RO` and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Redis 7.0.13)
@@ -241,6 +249,10 @@ Redis 7.0.x:
 
 Redis 6.2.x:
 
+- (CVE-2024-31449) An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution.
+
+- (CVE-2024-31228) An authenticated user can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.
+
 - (CVE-2023-28856) Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access. (Redis 6.2.12)
 
 - (CVE-2023-25155) Specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (Redis 6.2.11)