Bug 902501 (CVE-2023-28425) - <dev-db/redis-7.0.10: Specially crafted MSETNX command can lead to assertion and denial-of-service
Status: IN_PROGRESS
Alias: CVE-2023-28425
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [stable]
Keywords: PullRequest
Depends on: 914574 902721 905692
Blocks:
Reported: 2023-03-21 07:47 UTC by Petr Vaněk
Modified: 2023-09-23 16:42 UTC (History)
See Also:
Package list:
Runtime testing required: ---


Description Petr Vaněk 2023-03-21 07:47:22 UTC
CVE-2023-28425 - Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10.
Comment 1 Larry the Git Cow gentoo-dev 2023-03-22 01:20:27 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19681fd5fa178dc41d2f61225a0958ea3b538224

commit 19681fd5fa178dc41d2f61225a0958ea3b538224
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-03-21 08:07:29 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-03-22 01:17:37 +0000

    dev-db/redis: drop 6.2.10, 7.0.8
    
    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Closes: https://github.com/gentoo/gentoo/pull/30278
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   2 -
 dev-db/redis/redis-6.2.10.ebuild | 195 ---------------------------------------
 dev-db/redis/redis-7.0.8.ebuild  | 187 -------------------------------------
 3 files changed, 384 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=971d538d97b1448ba5fb980919393b1eeb9c8f44

commit 971d538d97b1448ba5fb980919393b1eeb9c8f44
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-03-21 07:51:37 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-03-22 01:17:37 +0000

    dev-db/redis: add 7.0.10
    
    Bug: https://bugs.gentoo.org/902501
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-7.0.10.ebuild | 187 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 188 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-03-22 01:22:37 UTC
The summary has to have the first fixed versions in tree, which makes it hard to express quick regressions like this.
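A version check that encodes both ranges on this page, added here as an example and not code from the bug, from Gentoo or from the Redis project: the CVE description in the report (affected from 7.0.8 up to but not including 7.0.10) and the bug summary atom "<dev-db/redis-7.0.10", which, as Comment 2 explains, covers everything below the first fixed version in tree and is therefore wider than the CVE range. The INFO output below is a constructed sample, not a real capture; the `fetch_info_server` helper, its default host/port and the `--live` flag are assumptions made for this example. It speaks raw RESP over TCP so it has no dependency beyond the standard library, and it only reads the server version; it does not send MSETNX or anything else that would exercise the bug.

```python
import socket

# Ranges taken from the page: the CVE text says 7.0.8 <= version < 7.0.10
# is affected; the Gentoo summary atom "<dev-db/redis-7.0.10" marks every
# version below the first fixed version in tree as affected.
CVE_FIRST_AFFECTED = (7, 0, 8)
FIRST_FIXED = (7, 0, 10)

# Constructed sample of "INFO server" output for offline use, not a real capture.
SAMPLE_INFO_SERVER = (
    "# Server\r\n"
    "redis_version:7.0.9\r\n"
    "redis_git_sha1:00000000\r\n"
    "redis_mode:standalone\r\n"
    "os:Linux 6.1.0 x86_64\r\n"
)


def parse_version(version: str) -> tuple:
    """Turn '7.0.9' into (7, 0, 9) so versions compare numerically, not as strings."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected redis_version value: {version!r}")
    return tuple(int(p) for p in parts)


def redis_version_from_info(info: str) -> str:
    """Extract the redis_version field from INFO (server section) text."""
    for line in info.splitlines():
        if line.startswith("redis_version:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("redis_version not present in INFO output")


def cve_2023_28425_affected(version: str) -> bool:
    """Affected per the CVE description: introduced in 7.0.8, fixed in 7.0.10."""
    return CVE_FIRST_AFFECTED <= parse_version(version) < FIRST_FIXED


def gentoo_summary_affected(version: str) -> bool:
    """Affected per the bug summary '<dev-db/redis-7.0.10': anything older than
    the first fixed version in tree, which is wider than the CVE range."""
    return parse_version(version) < FIRST_FIXED


def _read_bulk_reply(rfile) -> str:
    """Read one RESP reply: accept a bulk string ($...), raise on an error (-...)."""
    header = rfile.readline()
    if header.startswith(b"-"):
        # e.g. -NOAUTH when the server requires a password
        raise RuntimeError("redis error: " + header[1:].strip().decode())
    if not header.startswith(b"$"):
        raise RuntimeError(f"unexpected reply type: {header!r}")
    length = int(header[1:].strip())
    if length < 0:  # null bulk string
        return ""
    data = rfile.read(length)
    rfile.read(2)  # consume the trailing CRLF
    return data.decode()


def fetch_info_server(host="127.0.0.1", port=6379, password=None, timeout=3.0) -> str:
    """Send 'INFO server' as a raw RESP array and return the reply text.
    Hypothetical helper for this example; host/port/password are assumptions."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        rfile = sock.makefile("rb")
        if password is not None:
            pw = password.encode()
            sock.sendall(b"*2\r\n$4\r\nAUTH\r\n$%d\r\n%s\r\n" % (len(pw), pw))
            status = rfile.readline()
            if not status.startswith(b"+OK"):
                raise RuntimeError("AUTH failed: " + status.strip().decode())
        sock.sendall(b"*2\r\n$4\r\nINFO\r\n$6\r\nserver\r\n")
        return _read_bulk_reply(rfile)


if __name__ == "__main__":
    import sys
    # "--live" (an assumed flag) queries a local instance; otherwise the sample is used.
    info = fetch_info_server() if "--live" in sys.argv else SAMPLE_INFO_SERVER
    ver = redis_version_from_info(info)
    print(f"redis_version={ver} "
          f"cve_range_affected={cve_2023_28425_affected(ver)} "
          f"gentoo_summary_affected={gentoo_summary_affected(ver)}")
```

Run without arguments it evaluates the constructed sample (7.0.9, inside both ranges); with `--live` it asks a local Redis for its version. The two predicates disagree for anything older than 7.0.8, which is exactly the gap Comment 2 describes between the CVE text and what the bug summary can express.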
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-23 04:21:05 UTC
("[stable]" itself indicates stablereq is in progress)