CVE-2021-32761: Redis remote code execution vulnerability alert

On July 21, 2021, Redis officially issued a risk notice for a Redis remote code execution vulnerability, tracked as CVE-2021-32761 with a CVSS score of 7.5.
Redis is an in-memory database that persists to disk. The data model is key-value, but many different kinds of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs, Bitmaps. There is an integer overflow vulnerability in BITFIELD on 32-bit versions, which may lead to out-of-bounds reading of memory. The combination of the Redis `*BIT*` commands and the `proto-max-bulk-len` configuration parameter can cause an overflow and eventually lead to remote code execution.

Vulnerability Detail

Redis `*BIT*` commands are vulnerable to an integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents, or trigger remote code execution. Exploitation involves raising the default `proto-max-bulk-len` configuration parameter to a very large value and then sending specially crafted bit commands.

Affected version

| Product | Affected version | Unaffected version |
|---|---|---|
| Redis:Redis | > 2.2, < 5.0.13 | 5.0.13 |
| Redis:Redis | > 2.2, < 6.0.15 | 6.0.15 |
| Redis:Redis | > 2.2, < 6.2.5 | 6.2.5 |

Solution

We recommend that users upgrade Redis to a fixed version (5.0.13, 6.0.15 or 6.2.5, depending on the branch in use) as soon as possible.
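As an added example (not part of the advisory or of Redis itself), the following Python check applies the affected-version table to the output of a Redis `INFO` reply and a `CONFIG GET proto-max-bulk-len` result: it flags hosts whose version falls in an affected range, narrows exposure to 32-bit builds as the advisory does, and reports whether `proto-max-bulk-len` has been raised above its 512mb default. The `INFO` and config samples are constructed, not captured from a real host.

```python
# First fixed release per branch, as listed in the advisory table.
FIXED = {(5, 0): (5, 0, 13), (6, 0): (6, 0, 15), (6, 2): (6, 2, 5)}
DEFAULT_PROTO_MAX_BULK_LEN = 512 * 1024 * 1024  # Redis default of 512mb

# Constructed sample INFO reply and CONFIG GET result; not taken from a real host.
SAMPLE_INFO = """# Server
redis_version:6.0.9
arch_bits:32
"""
SAMPLE_CONFIG = {"proto-max-bulk-len": "536870912"}

def parse_info(text):
    """Turn the 'key:value' lines of an INFO reply into a dict, skipping '#' headers."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(":")
            fields[key] = value
    return fields

def parse_version(text):
    """'6.0.9' -> (6, 0, 9); a suffix such as '-rc1' on the patch number is dropped."""
    major, minor, patch = text.split(".")[:3]
    return (int(major), int(minor), int(patch.split("-")[0]))

def version_affected(version):
    """True if the release is above 2.2 and below the first fixed release of its branch."""
    if version[:2] <= (2, 2):
        return False
    if version[:2] in FIXED:
        return version < FIXED[version[:2]]
    # Branches with no listed fix (3.x, 4.x, 6.1) are affected; anything past
    # 6.2.5 was released after the fix.
    return version < (6, 2, 5)

def assess(info_text, config):
    """Combine version, architecture and proto-max-bulk-len into one exposure verdict."""
    info = parse_info(info_text)
    version = parse_version(info["redis_version"])
    affected = version_affected(version)
    return {
        "version": version,
        "affected_version": affected,
        # The advisory scopes the overflow to 32-bit builds.
        "exposed": affected and info.get("arch_bits") == "32",
        # A raised limit is the precondition the attack needs, so flag it even on a fixed host.
        "proto_max_bulk_len_raised": int(config["proto-max-bulk-len"]) > DEFAULT_PROTO_MAX_BULK_LEN,
    }
```

On a live host, feed `assess` the raw text of `redis-cli INFO server` and the value returned by `CONFIG GET proto-max-bulk-len`; a `True` under `exposed` means the server needs the upgrade above.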