CVE-2020-14147

Source
https://cve.org/CVERecord?id=CVE-2020-14147
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14147.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-14147
Published
2020-06-15T18:15:14.990Z
Modified
2026-02-13T02:02:33.568780Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
[none]
Details

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.

References

Affected packages

Git / github.com/antirez/redis

Affected ranges

Type
GIT
Repo
https://github.com/antirez/redis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14147.json"
vanir_signatures
[
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 535.0,
            "function_hash": "285556551804856358181809971858790846830"
        },
        "signature_type": "Function",
        "id": "CVE-2020-14147-1c9f15ff",
        "source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
        "target": {
            "function": "controloptions",
            "file": "deps/lua/src/lua_struct.c"
        }
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "134335090510338628569141842895565787666",
                "129767963907433821863868325737636018053",
                "300080779537829833533704011346679055977",
                "150366785480519783601597766313455146941",
                "291778318289862582589671380180879160640",
                "334836077840905045155583947536240977132",
                "204789960506117649192793862499828062137",
                "206010478460804687345513953054922291922",
                "273452596673789713237435221305689614452",
                "224353343358345155052571137818636792223",
                "149016652711686681273500497938298290981",
                "88480705846654040951299849469807546662",
                "276361046096231743424703405800731534378",
                "307287750647995264489892449716195012064",
                "38246228680553567486599359596671787366",
                "263027252925130599613215470536067358578",
                "2874506608442905135345185747778786999",
                "47699769131658910848691075822501354908",
                "249210679146172818636927068194179760061"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2020-14147-8ad6483a",
        "source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
        "target": {
            "file": "deps/lua/src/lua_struct.c"
        }
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 647.0,
            "function_hash": "4084196643356696974733906552222450367"
        },
        "signature_type": "Function",
        "id": "CVE-2020-14147-a8de9166",
        "source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
        "target": {
            "function": "optsize",
            "file": "deps/lua/src/lua_struct.c"
        }
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 238.0,
            "function_hash": "135527645391249101043499856436152069482"
        },
        "signature_type": "Function",
        "id": "CVE-2020-14147-c76f01ae",
        "source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
        "target": {
            "function": "getnum",
            "file": "deps/lua/src/lua_struct.c"
        }
    }
]

Git / github.com/redis/redis

Affected ranges

Type
GIT
Repo
https://github.com/redis/redis
Events

Affected versions

6.*
6.0.0
6.0.1
6.0.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14147.json"