Impact
Authenticated users issuing specially crafted SETRANGE and SORT(_RO) commands can trigger an integer overflow, resulting in Redis attempting to allocate impossible amounts of memory and aborting with an OOM panic.
Patches
The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17.
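The fixed-version list above is the only reliable way to tell whether a given server is affected. The following is an added example, not Redis project code, that reads the `redis_version` field from `INFO server` output and compares it against the three fix releases named in this advisory. It assumes the standard `redis_version:X.Y.Z` line format; branches the advisory does not list (for example 5.x) are reported as unknown, and branches newer than 7.0 are assumed to have been cut after the fix (an assumption, marked in the code).

```python
"""Classify a Redis server against the fix versions in this advisory.

Added example, not Redis project code. Assumes `INFO server` output contains
a line of the form "redis_version:X.Y.Z".
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fix releases stated in the advisory, keyed by release branch (major, minor).
FIXED_VERSIONS = {
    (7, 0): (7, 0, 8),
    (6, 2): (6, 2, 9),
    (6, 0): (6, 0, 17),
}

_VERSION_RE = re.compile(r"^redis_version:(\d+)\.(\d+)\.(\d+)", re.MULTILINE)


def parse_redis_version(info_text: str) -> Optional[Version]:
    """Extract (major, minor, patch) from INFO output; None if the line is missing."""
    match = _VERSION_RE.search(info_text)
    if not match:
        return None
    major, minor, patch = (int(x) for x in match.groups())
    return (major, minor, patch)


def is_patched(version: Version) -> Optional[bool]:
    """True if the version is at or past the fix for its branch, False if older.

    Returns None when the advisory lists no fix for that branch.
    """
    branch = version[:2]
    fixed = FIXED_VERSIONS.get(branch)
    if fixed is None:
        # Assumption: branches newer than 7.0 were released after 7.0.8 and
        # therefore carry the fix. Older unlisted branches are unknown.
        return True if branch > (7, 0) else None
    return version >= fixed


def classify_info(info_text: str) -> str:
    """Map INFO output to 'patched', 'vulnerable' or 'unknown'."""
    version = parse_redis_version(info_text)
    if version is None:
        return "unknown"
    verdict = is_patched(version)
    if verdict is None:
        return "unknown"
    return "patched" if verdict else "vulnerable"


# Constructed sample of an `INFO server` excerpt (not captured from a real host).
SAMPLE_INFO = (
    "# Server\r\n"
    "redis_version:6.2.7\r\n"
    "redis_mode:standalone\r\n"
    "os:Linux 5.15.0 x86_64\r\n"
)

if __name__ == "__main__":
    print(parse_redis_version(SAMPLE_INFO), classify_info(SAMPLE_INFO))
```

In practice the `INFO server` text would come from `redis-cli -h <host> INFO server` or a client library call; feeding that output to `classify_info` gives a verdict per host that can be rolled into an inventory sweep.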
Credit
The issue has been identified by Xion (SeungHyun Lee) of KAIST GoN
For more information
If you have any questions or comments about this advisory: