Impact
In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
The problem exists in Redis 7.0.9 or newer (including 7.2.x).
Patches
The problem is fixed in Redis 7.0.15 and 7.2.4.
For more information
If you have any questions or comments about this advisory:
Impact
In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
The problem exists in Redis 7.0.9 or newer (including 7.2.x).
Patches
The problem is fixed in Redis 7.0.15 and 7.2.4.
For more information
If you have any questions or comments about this advisory: