CVE-2023-28856

NameCVE-2023-28856
DescriptionRedis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3396-1, DLA-3885-1, ELA-838-1
Debian Bugs1034613

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
redis (PTS)jessie, jessie (lts)2:2.8.17-1+deb8u13fixed
stretch (security)3:3.2.6-3+deb9u9vulnerable
stretch (lts), stretch3:3.2.6-3+deb9u13fixed
buster, buster (lts)5:5.0.14-1+deb10u6fixed
buster (security)5:5.0.14-1+deb10u5fixed
bullseye5:6.0.16-1+deb11u2vulnerable
bullseye (security)5:6.0.16-1+deb11u4fixed
bookworm (security), bookworm5:7.0.15-1~deb12u1fixed
sid, trixie5:7.0.15-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
redissourcejessie2:2.8.17-1+deb8u11ELA-838-1
redissourcestretch3:3.2.6-3+deb9u10ELA-838-1
redissourcebuster5:5.0.14-1+deb10u4DLA-3396-1
redissourcebullseye5:6.0.16-1+deb11u3DLA-3885-1
redissource(unstable)5:7.0.11-11034613

Notes

https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6
https://github.com/redis/redis/commit/1c1bd618c95e26a8ff5c12e70cbf0117233ef073 (7.0.11)
https://github.com/redis/redis/commit/e030e351fd7ae8c1b0254982a4f12a4bd15ac66b (6.2.12)
Requires authenticated access to server.

Search for package or bug name: Reporting problems