[SECURITY] [DLA 4240-1] redis security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4240-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
July 12, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : redis
Version : 5:6.0.16-1+deb11u7
CVE IDs : CVE-2025-32023 CVE-2025-48367
Debian Bugs : 1108975 1108981
Two issues were discovered in Redis, the key-value database:
* CVE-2025-32023: An authenticated user may have used a
specially-crafted string to trigger a stack/heap out-of-bounds
write during hyperloglog operations, potentially leading to a
remote code execution vulnerability. Installations that used Redis'
ACL system to restrict hyperloglog HLL commands are unaffected by
this issue.
* CVE-2025-48367: An unauthenticated connection could have caused
repeated IP protocol errors, leading to client starvation and
ultimately become a Denial of Service (DoS) attack.
For Debian 11 bullseye, these problems have been fixed in version
5:6.0.16-1+deb11u7.
We recommend that you upgrade your redis packages.
For the detailed security status of redis please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/redis
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmhy1ioACgkQHpU+J9Qx
HlgK0Q/9FfGRaMS75d2vuTUN7vHVW9TKD2c3Pg9Rti0cH6uAZwfFv0K8YKx0mXMm
BzTsU1+dui99M3aG0djbNNXM8szsEtbgEZgj7SNLe+82u6tOMDPiAScjDh1ebSkw
UVMng820KWS2sctQP5utW6vq9FVfX85DIp/HHnz3MO6gQU1tb/MZuSArKwXzyUUa
AgDb5CzPG3H+dxbH696hJYp0JKKWJUM+E8GbfFK/7ICT/n/vuAR42as/pw96h+4r
KMOHXzD1ESdQcsQbj5DOV7DZSITT5Ttk+zlVHVgaQiK0j7LRxCuidcHwH94m/Gfw
z4/bmR7YcljSvKSAvoHWHsAr100u7DK2D76xabzjyamEyQEhfuJ5ssZX8tB7kH83
B5ij2DPRVN2nah00BIHlHor4m/66q0cD6DApEhfTQ6dc/PE2XAd3yJzJxTRXfrOu
K8TTdMTnmK47KuisCbZCdWUDwjpEXGWUcb1jpDAHAqapBY1bmkTxFK2nBEkaWw1x
9sdsVhdY7dHOYnLeq8gdLCQJUmTM43QDJxz6oNVjOuRYTs/qBNhsrFZns05VG+pa
K1iD+z2wnPc7gvOI/vL7LtvQIJADeIBzNlDCI3Y9/nfDLNTAXWcuk/XzB8jw2TCd
+avrrl2H8oXSrCTxo5qH83IhbqTvm56uht/+5XDz1zNdB2ImPfU=
=4CYM
-----END PGP SIGNATURE-----
Reply to: