Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 915989 (CVE-2023-45145) - <dev-db/redis-{6.2.14,7.0.14,7.2.2}: Redis Unix-domain socket may be exposed with the wrong permissions for a short time window
Summary: <dev-db/redis-{6.2.14,7.0.14,7.2.2}: Redis Unix-domain socket may be exposed ...
Status: CONFIRMED
Alias: CVE-2023-45145
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/redis/redis/securi...
Whiteboard: B2 [glsa]
Keywords: PullRequest
Depends on: 918847 921760
Blocks:
  Show dependency tree
 
Reported: 2023-10-19 07:02 UTC by Petr Vaněk
Modified: 2024-07-20 07:21 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Petr Vaněk gentoo-dev 2023-10-19 07:02:53 UTC
CVE-2023-45145 - On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to upgrade, it is possible to work around the problem by disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory.
Comment 1 Larry the Git Cow gentoo-dev 2023-10-29 04:32:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebed5222738c6ae9b51f736f5d2f31d03035b39f

commit ebed5222738c6ae9b51f736f5d2f31d03035b39f
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-10-19 07:49:41 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-29 04:18:51 +0000

    dev-db/redis: add 7.2.2
    
    Bug: https://bugs.gentoo.org/915989
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Closes: https://github.com/gentoo/gentoo/pull/33404
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest           |   1 +
 dev-db/redis/redis-7.2.2.ebuild | 200 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 201 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=91f0b8ae6c61e55d84387ba66784c0cd96d7f980

commit 91f0b8ae6c61e55d84387ba66784c0cd96d7f980
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-10-19 07:29:47 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-29 04:18:51 +0000

    dev-db/redis: add 7.0.14
    
    Bug: https://bugs.gentoo.org/915989
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-7.0.14.ebuild | 187 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 188 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5afcfff20f65dcea36883eef57870db3f02949f

commit b5afcfff20f65dcea36883eef57870db3f02949f
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-10-19 07:24:57 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-29 04:18:50 +0000

    dev-db/redis: add 6.2.14
    
    Bug: https://bugs.gentoo.org/915989
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-6.2.14.ebuild | 195 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 196 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-01-09 14:24:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40f0aeee0d9ab31c81a869f258821733048f7423

commit 40f0aeee0d9ab31c81a869f258821733048f7423
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-09 14:12:04 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-09 14:23:54 +0000

    dev-db/redis: drop versions
    
    This commit drops most of vulnerable versions, however, security
    cleanups are still blocked because of 7.0.5 which is the last stable
    version for arm.
    
    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/Manifest                              |   7 -
 dev-db/redis/files/redis-6.2.7-cve-2022-3647.patch | 173 ------------------
 dev-db/redis/redis-6.2.11.ebuild                   | 195 --------------------
 dev-db/redis/redis-6.2.13.ebuild                   | 195 --------------------
 dev-db/redis/redis-6.2.7-r2.ebuild                 | 198 --------------------
 dev-db/redis/redis-7.0.12.ebuild                   | 187 -------------------
 dev-db/redis/redis-7.0.13.ebuild                   | 187 -------------------
 dev-db/redis/redis-7.0.9.ebuild                    | 187 -------------------
 dev-db/redis/redis-7.2.2.ebuild                    | 200 ---------------------
 9 files changed, 1529 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2024-01-10 10:18:14 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a7e6b8769400cbbd7e4f3161d8c7dfdd62af8af

commit 3a7e6b8769400cbbd7e4f3161d8c7dfdd62af8af
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-10 10:05:04 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-10 10:16:11 +0000

    dev-db/redis: destabilize 7.0.5-r1 for ~arm
    
    Dropping the stable keyword for arm architecture due to a lack of
    security stabilization for over a year.
    
    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915548#c6
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/918847
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/redis-7.0.5-r1.ebuild        | 4 ++--
 profiles/arch/arm/package.use.stable.mask | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)
Comment 4 Larry the Git Cow gentoo-dev 2024-01-10 12:28:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8942d96c5ff1a45db0922d9e5e4403b050494bf6

commit 8942d96c5ff1a45db0922d9e5e4403b050494bf6
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-10 12:25:59 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-10 12:27:32 +0000

    dev-db/redis: drop 7.0.5-r1
    
    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/Manifest                              |   1 -
 .../files/redis-7.0.4-replica-tests-fix.patch      |  61 -------
 dev-db/redis/files/redis-7.0.5-cve-2022-3647.patch | 173 -------------------
 dev-db/redis/redis-7.0.5-r1.ebuild                 | 191 ---------------------
 4 files changed, 426 deletions(-)
Comment 5 Larry the Git Cow gentoo-dev 2024-03-13 21:57:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5a0d6d701e1e513f689c9b698b4225e0b36422e

commit d5a0d6d701e1e513f689c9b698b4225e0b36422e
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-03-13 21:54:50 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-03-13 21:56:30 +0000

    dev-db/redis: drop 7.0.14-r1, 7.2.1-r1, 7.2.3-r1
    
    Bug: https://bugs.gentoo.org/921662
    Bug: https://bugs.gentoo.org/915989
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/Manifest               |   3 -
 dev-db/redis/redis-7.0.14-r1.ebuild | 187 ---------------------------------
 dev-db/redis/redis-7.2.1-r1.ebuild  | 200 ------------------------------------
 dev-db/redis/redis-7.2.3-r1.ebuild  | 200 ------------------------------------
 4 files changed, 590 deletions(-)