Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 788211 (CVE-2021-29477, CVE-2021-29478) - <dev-db/redis-{6.0.13, 6.2.3}: Multiple vulnerabilities (CVE-2021-{29477,29478})
Summary: <dev-db/redis-{6.0.13, 6.2.3}: Multiple vulnerabilities (CVE-2021-{29477,29478})
Status: RESOLVED FIXED
Alias: CVE-2021-29477, CVE-2021-29478
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-05-04 20:47 UTC by Sam James
Modified: 2021-07-09 02:57 UTC (History)
2 users (show)

See Also:
Package list:
dev-db/redis-6.0.13-r1
Runtime testing required: ---
nattka: sanity-check-


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2021-05-04 20:47:34 UTC
* CVE-2021-29477

Description:
"An integer overflow bug in Redis version 6.0 or newer could be exploited using
the STRALGO LCS command to corrupt the heap and potentially result in remote
code execution. The integer overflow bug exists in all versions of Redis
starting with 6.0."

* CVE-2021-29478

Description:
"An integer overflow bug in Redis 6.2 could be exploited to corrupt the heap and
potentially result in remote code execution. The vulnerability involves
changing the default set-max-intset-entries configuration value, creating a
large set key that consists of integer values and using the COPY command to
duplicate it. The integer overflow bug exists in all versions of Redis starting
with 2.6, where it could result with a corrupted RDB or DUMP payload, but not
exploited through COPY (which did not exist before 6.2)."
Comment 1 Larry the Git Cow gentoo-dev 2021-05-04 21:41:42 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8427ef73ba9e6ad18fbf873e1f07f607edc88392

commit 8427ef73ba9e6ad18fbf873e1f07f607edc88392
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-05-04 21:41:02 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-05-04 21:41:35 +0000

    dev-db/redis: add 6.2.3
    
    Bug: https://bugs.gentoo.org/788211
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest                           |   1 +
 dev-db/redis/files/redis-6.2.3-ppc-atomic.patch |  19 +++
 dev-db/redis/redis-6.2.3.ebuild                 | 185 ++++++++++++++++++++++++
 3 files changed, 205 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef7b16d19bf872152a85bd352741c6816298901a

commit ef7b16d19bf872152a85bd352741c6816298901a
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-05-04 21:34:13 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-05-04 21:41:34 +0000

    dev-db/redis: add 6.0.13
    
    Bug: https://bugs.gentoo.org/788211
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-6.0.13.ebuild | 185 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 186 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2021-05-06 10:02:21 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5fecb01174e866e6ddfc305dd8ae8f9066c5d518

commit 5fecb01174e866e6ddfc305dd8ae8f9066c5d518
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-05-05 14:49:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-05-06 10:02:02 +0000

    dev-db/redis: pass systemd flag to make
    
    Bug: https://bugs.gentoo.org/788211
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/{redis-6.0.13.ebuild => redis-6.0.13-r1.ebuild} | 2 ++
 dev-db/redis/{redis-6.2.3.ebuild => redis-6.2.3-r1.ebuild}   | 2 ++
 2 files changed, 4 insertions(+)
Comment 3 NATTkA bot gentoo-dev 2021-05-06 10:04:33 UTC Comment hidden (obsolete)
Comment 4 Sam James archtester gentoo-dev Security 2021-05-07 13:31:02 UTC
arm done
Comment 5 Sam James archtester gentoo-dev Security 2021-05-07 13:31:49 UTC
arm64 done
Comment 6 Sam James archtester gentoo-dev Security 2021-05-07 13:32:31 UTC
ppc64 done
Comment 7 Sam James archtester gentoo-dev Security 2021-05-07 13:33:18 UTC
ppc done
Comment 8 Sam James archtester gentoo-dev Security 2021-05-07 14:35:45 UTC
amd64 done
Comment 9 Sam James archtester gentoo-dev Security 2021-05-07 14:35:57 UTC
x86 done
Comment 10 Rolf Eike Beer archtester 2021-05-10 13:53:19 UTC
sparc stable
Comment 11 Sam James archtester gentoo-dev Security 2021-05-10 13:57:33 UTC
Please cleanup.
Comment 12 Larry the Git Cow gentoo-dev 2021-06-11 01:11:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7486aa16a7b0f330f7b6fdbe2284a53dbf4c0446

commit 7486aa16a7b0f330f7b6fdbe2284a53dbf4c0446
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-06-11 01:10:35 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-06-11 01:10:51 +0000

    dev-db/redis: drop 6.0.12, 6.0.13-r1, 6.2.1, 6.2.3-r1
    
    Bug: https://bugs.gentoo.org/773328
    Bug: https://bugs.gentoo.org/788211
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest               |   4 -
 dev-db/redis/redis-6.0.12.ebuild    | 184 -----------------------------------
 dev-db/redis/redis-6.0.13-r1.ebuild | 187 ------------------------------------
 dev-db/redis/redis-6.2.1.ebuild     | 184 -----------------------------------
 dev-db/redis/redis-6.2.3-r1.ebuild  | 187 ------------------------------------
 5 files changed, 746 deletions(-)
Comment 13 NATTkA bot gentoo-dev 2021-06-11 01:16:23 UTC
Unable to check for sanity:

> no match for package: dev-db/redis-6.0.13-r1
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2021-07-09 02:57:12 UTC
This issue was resolved and addressed in
 GLSA 202107-20 at https://security.gentoo.org/glsa/202107-20
by GLSA coordinator Sam James (sam_c).