Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 658248 (CVE-2018-12453)

Summary: dev-db/redis: Denial of Service vulnerability
Product: Gentoo Security Reporter: Florian Schuhmacher <mynt1aa>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: robbat2, ultrabug
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6
Whiteboard:
Package list:
Runtime testing required: ---

Description Florian Schuhmacher 2018-06-16 18:43:51 UTC 
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.

Gentoo Security Scout
Florian Schuhmacher
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-06-16 19:26:42 UTC 
t_stream.c not in any version prior to 5, thus we are note affected.

Closing as INVALID