CVE-2023-41056

Name	CVE-2023-41056
Description	Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-5610-1
Debian Bugs	1060316

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
redis (PTS)	jessie, jessie (lts)	2:2.8.17-1+deb8u12	fixed
	stretch (security)	3:3.2.6-3+deb9u9	fixed
	stretch (lts), stretch	3:3.2.6-3+deb9u12	fixed
	buster (security), buster, buster (lts)	5:5.0.14-1+deb10u5	fixed
	bullseye	5:6.0.16-1+deb11u2	fixed
	bullseye (security)	5:6.0.16-1+deb11u3	fixed
	bookworm (security), bookworm	5:7.0.15-1~deb12u1	fixed
	sid, trixie	5:7.0.15-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
redis	source	jessie	(not affected)
redis	source	stretch	(not affected)
redis	source	buster	(not affected)
redis	source	bullseye	(not affected)
redis	source	bookworm	5:7.0.15-1~deb12u1	DSA-5610-1
redis	source	(unstable)	5:7.0.15-1		1060316

Notes

[bullseye] - redis <not-affected> (Vulnerable code not present)
[buster] - redis <not-affected> (Vulnerable code not present)
Introduced with changes from: https://github.com/redis/redis/pull/11766 (which landed
in 7.2, but which also got backported to the 7.0. branch)
https://github.com/redis/redis/commit/e351099e1119fb89496be578f5232c61ce300224 (7.0.15)
[stretch] - redis <not-affected> (Vulnerable code not present)
[jessie] - redis <not-affected> (Vulnerable code not present)