Low severity | redis | redis | Integer overflow or wraparound
CVE ID: CVE-2021-32762
Exploitation status: None known
Patch status: Official patch
Disclosure date: 2021-10-05
Vulnerability description:
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and the redis-sentinel service may be vulnerable to an integer overflow when parsing specially crafted, very large multi-bulk network replies. The root cause is in the underlying hiredis library, which did not check the reply's element count for overflow before passing it to the calloc() heap allocation function; a count large enough to wrap the size computation yields an undersized buffer that the parser then fills as if it were full size (CWE-190 leading to CWE-680). Because the flaw is in reply parsing, exploitation requires redis-cli or redis-sentinel to receive replies from an endpoint the attacker controls or can tamper with; redis-server itself is not the affected component. The issue only affects systems whose heap allocator does not perform its own overflow check on calloc() arguments. Most modern allocators do, so such systems are not likely to be affected, and by default redis-sentinel uses the jemalloc allocator, which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.
Remediation advice: Upgrade to a fixed release (6.2.6, 6.0.16 or 5.0.14, or the corresponding distribution package listed below) or download the official patch. Confirm the installed build with `redis-cli --version`; for Sentinel, the `mem_allocator` field of `INFO memory` shows whether jemalloc is in use.
Affected software:
# | Type | Vendor / Platform | Product | Version | Affected range (fixed in the excluded upper bound)
---|---|---|---|---|---
1 | Application | redis | redis | * | >= 5.0.0, < 5.0.14
2 | Application | redis | redis | * | >= 6.0.0, < 6.0.16
3 | Application | redis | redis | * | >= 6.2.0, < 6.2.6
4 | System | alpine_3.11 | redis | * | < 5.0.14-r0
5 | System | alpine_3.12 | redis | * | < 5.0.14-r0
6 | System | alpine_3.13 | redis | * | < 6.0.16-r0
7 | System | alpine_3.14 | redis | * | < 6.2.6-r0
8 | System | alpine_3.15 | redis | * | < 6.2.6-r0
9 | System | alpine_3.16 | redis | * | < 6.2.6-r0
10 | System | alpine_3.17 | redis | * | < 6.2.6-r0
11 | System | alpine_3.18 | redis | * | < 6.2.6-r0
12 | System | alpine_edge | redis | * | < 6.2.6-r0
13 | System | amazon_2 | redis | * | < 6.2.6-1.amzn2
14 | System | debian_10 | redis | * | < 5:5.0.14-1+deb10u1
15 | System | debian_11 | redis | * | < 5:6.0.16-1+deb11u1
16 | System | debian_12 | redis | * | < 5:6.0.16-1
17 | System | debian_9 | redis | * | < 3:3.2.6-3+deb9u8
18 | System | debian_sid | redis | * | < 5:6.0.16-1
19 | System | fedora_33 | redis-debugsource | * | < 6.0.16-1.fc33
20 | System | fedora_34 | redis-debugsource | * | < 6.2.6-1.fc34
21 | System | fedora_35 | redis-debugsource | * | < 6.2.6-1.fc35
22 | System | opensuse_Leap_15.3 | redis | * | < 6.0.14-6.8.1
23 | System | unionos_d | redis | * | < 5:5.0.14-1+security
- Attack vector: Remote
- Attack complexity: Low
- Privileges required: Ordinary user privileges
- Scope of impact: Limited
- Exploit maturity: Unverified
- Patch status: Official patch
- Confidentiality: Data leakage
- Integrity: No impact
- Server impact: No impact
- Internet-wide exposed count: N/A
CWE ID | Vulnerability type
---|---
CWE-190 | Integer overflow or wraparound
CWE-680 | Integer overflow to buffer overflow
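The mechanism described in the vulnerability description and classified above as CWE-190 leading to CWE-680, as an added example in C. This is illustrative code written for this page, not hiredis or Redis source: a RESP multi-bulk header supplies an element count, a naive allocator that simply multiplies count by element size wraps around for a large enough count, and the hardened path rejects the count before any allocation instead of relying on the allocator's own check. The function names and the constructed sample headers are this example's own assumptions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Parse a RESP multi-bulk header such as "*3\r\n" into an element count.
 * Returns 0 on success, -1 on malformed input (no '*', no digits, a count
 * that does not fit in size_t, or a missing CRLF). The count comes straight
 * from the peer and is therefore attacker-controlled. A "*-1" null array is
 * out of scope for this example and is rejected like any other non-digit.
 */
int parse_multibulk_header(const char *line, size_t *count)
{
    if (line == NULL || line[0] != '*')
        return -1;
    const char *p = line + 1;
    if (*p < '0' || *p > '9')
        return -1;
    size_t n = 0;
    for (; *p >= '0' && *p <= '9'; p++) {
        size_t digit = (size_t)(*p - '0');
        if (n > (SIZE_MAX - digit) / 10)   /* the count itself would overflow */
            return -1;
        n = n * 10 + digit;
    }
    if (strcmp(p, "\r\n") != 0)
        return -1;
    *count = n;
    return 0;
}

/*
 * Model of a naive allocator (hypothetical, stands in for a custom calloc
 * replacement): the byte size it would request if it just multiplied.
 * For a large enough nmemb the product wraps in size_t and a tiny block
 * is handed back for a table the parser believes holds nmemb pointers.
 */
size_t naive_alloc_bytes(size_t nmemb, size_t size)
{
    return nmemb * size;
}

/*
 * Hardened size computation: refuses any nmemb * size that does not fit in
 * size_t. Returns false on overflow and leaves *bytes untouched.
 */
bool checked_alloc_bytes(size_t nmemb, size_t size, size_t *bytes)
{
    if (size != 0 && nmemb > SIZE_MAX / size)
        return false;
    *bytes = nmemb * size;
    return true;
}

/*
 * Allocate the pointer table for a multi-bulk reply of `count` elements,
 * doing the overflow check on the library side rather than trusting the
 * allocator to do it. Returns NULL with errno = EOVERFLOW for a count that
 * cannot be represented as a byte size.
 */
void **alloc_reply_array(size_t count)
{
    size_t bytes;
    if (!checked_alloc_bytes(count, sizeof(void *), &bytes)) {
        errno = EOVERFLOW;
        return NULL;
    }
    return (void **)calloc(count, sizeof(void *));
}

int main(void)
{
    /* Constructed sample headers: a normal 3-element reply, one whose
     * element count makes count * sizeof(void *) wrap around, and one
     * with a bare LF instead of CRLF. */
    char huge[64];
    snprintf(huge, sizeof huge, "*%zu\r\n", SIZE_MAX / sizeof(void *) + 2);
    const char *samples[] = { "*3\r\n", huge, "*3\n" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t count;
        if (parse_multibulk_header(samples[i], &count) != 0) {
            printf("sample %zu: malformed header, rejected\n", i);
            continue;
        }
        printf("sample %zu: count=%zu naive_bytes=%zu ",
               i, count, naive_alloc_bytes(count, sizeof(void *)));
        void **arr = alloc_reply_array(count);
        printf("hardened=%s\n", arr ? "allocated" : "rejected (EOVERFLOW)");
        free(arr);
    }
    return 0;
}
```

`naive_alloc_bytes` models the allocator the advisory is worried about, one that does not check `nmemb * size` itself; with an allocator such as glibc's or jemalloc's calloc() the same huge count simply fails, which is why most modern systems are rated as not likely affected. The library-side check in `checked_alloc_bytes` removes the dependency on allocator behaviour altogether, which is the shape of fix the description refers to.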
Exploit-related links: none listed