CVE-2020-14147
- Source
- https://cve.org/CVERecord?id=CVE-2020-14147
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14147.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-14147
- Downstream
- Related
- Published
- 2020-06-15T18:15:14.990Z
- Modified
- 2026-04-02T04:09:45.024410Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.
- References
-
- https://security.gentoo.org/glsa/202008-17
- https://www.debian.org/security/2020/dsa-4731
- https://www.oracle.com/security-alerts/cpujan2021.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html
- https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
- https://github.com/antirez/redis/pull/6875
Affected packages
Git / github.com/antirez/redis
Affected ranges
- Type
- GIT
- Repo
- https://github.com/antirez/redis
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.3.6
2.*
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0
2.2.0-rc1
2.2.0-rc2
2.2.0-rc3
2.2.0-rc4
2.2.1
2.2.10
2.2.105-scripting
2.2.106-scripting
2.2.107-scripting
2.2.11
2.2.110-scripting
2.2.111-scripting
2.2.12
2.2.13
2.2.14
2.2.15
2.2.2
2.2.3
2.2.4
2.2.5
2.2.6
2.2.7
2.2.8
2.2.9
2.3-alpha0
2.4.0
2.4.0-rc1
2.4.0-rc2
2.4.0-rc3
2.4.0-rc4
2.4.0-rc5
2.4.0-rc6
2.4.0-rc7
2.4.0-rc8
2.4.1
2.4.10
2.4.11
2.4.12
2.4.13
2.4.14
2.4.15
2.4.16
2.4.17
2.4.18
2.4.2
2.4.3
2.4.4
2.4.5
2.4.6
2.4.7
2.4.8
2.4.9
2.6.0
2.6.0-rc1
2.6.0-rc2
2.6.0-rc3
2.6.0-rc4
2.6.0-rc5
2.6.0-rc6
2.6.0-rc7
2.6.0-rc8
2.6.1
2.6.10
2.6.10-1
2.6.10-2
2.6.10-3
2.6.11
2.6.12
2.6.13
2.6.14
2.6.14-1
2.6.14-2
2.6.15
2.6.16
2.6.17
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.7-1
2.6.8
2.6.8-1
2.6.9
2.6.9-1
2.8.0
2.8.0-rc1
2.8.0-rc2
2.8.0-rc3
2.8.0-rc4
2.8.0-rc5
2.8.0-rc6
2.8.1
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.2
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
3.*
3.0-alpha0
3.0.0
3.0.0-beta1
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.0.0-beta5
3.0.0-beta6
3.0.0-beta7
3.0.0-beta8
3.0.0-rc1
3.0.0-rc2
3.0.0-rc3
3.0.0-rc4
3.0.0-rc5
3.0.0-rc6
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.2-rc1
3.2.0
3.2.0-rc2
3.2.0-rc3
3.2.1
3.2.10
3.2.11
3.2.12
3.2.13
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.2.9
4.*
4.0-rc1
4.0-rc2
4.0-rc3
4.0.0
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
5.*
5.0-rc1
5.0-rc2
5.0-rc3
5.0-rc4
5.0-rc5
5.0-rc6
5.0.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
6.*
6.0-rc1
6.0-rc2
6.0-rc3
6.0-rc4
6.0.0
6.0.1
6.0.2
6.2-rc1
6.2-rc2
6.2-rc3
6.2.0
6.2.1
6.2.10
6.2.11
6.2.12
6.2.13
6.2.14
6.2.15
6.2.16
6.2.17
6.2.18
6.2.19
6.2.2
6.2.20
6.2.21
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
7.*
7.0-rc1
7.0-rc2
7.0-rc3
7.0.0
7.0.1
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
7.0.15
7.0.2
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8
7.0.9
7.2-rc1
7.2-rc2
7.2-rc3
7.2.0
7.2.1
7.2.10
7.2.11
7.2.12
7.2.13
7.2.2
7.2.3
7.2.4
7.2.5
7.2.6
7.2.7
7.2.8
7.2.9
7.4-rc1
7.4-rc2
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
7.4.6
7.4.7
7.4.8
8.*
8.0-m01
8.0-m02
8.0-m03
8.0-m04
8.0-m04-int
8.0-rc1
8.0-rc1-int
8.0-rc1-int2
8.0-rc2-int
8.0.0
8.0.1
8.0.1-int
8.0.2
8.0.3
8.0.4
8.0.5
8.0.6
8.2-int
8.2-m01
8.2-m01-int
8.2-m01-int2
8.2-rc1
8.2-rc1-int
8.2.0
8.2.1
8.2.1-int
8.2.2
8.2.2-int
8.2.3
8.2.4
8.2.5
8.4-int
8.4-int2
8.4-int3
8.4-m01-int
8.4-rc1
8.4-rc1-int
8.4-rc1-int2
8.4.0
8.4.1
8.4.2
8.6-rc1
8.6.0
8.6.1
8.6.2
Other
twitter-20100804
twitter-20100825
vm-playpen
with-deprecated-diskstore
v1.*
v1.3.10
v1.3.11
v1.3.12
v1.3.7
v1.3.8
v1.3.9
v2.*
v2.0.0-rc1
v2.0.0-rc1b
v2.0.0-rc2
v2.0.0-rc3
v2.0.0-rc4
v2.0.0-stable
v2.0.1-stable
v2.0.2-stable
v2.0.3-stable
v2.0.4-stable
v2.1.1-watch
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14147.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.0"
}
]
}
]
vanir_signatures
[
{
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "285556551804856358181809971858790846830",
"length": 535.0
},
"source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
"id": "CVE-2020-14147-1c9f15ff",
"target": {
"file": "deps/lua/src/lua_struct.c",
"function": "controloptions"
}
},
{
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"134335090510338628569141842895565787666",
"129767963907433821863868325737636018053",
"300080779537829833533704011346679055977",
"150366785480519783601597766313455146941",
"291778318289862582589671380180879160640",
"334836077840905045155583947536240977132",
"204789960506117649192793862499828062137",
"206010478460804687345513953054922291922",
"273452596673789713237435221305689614452",
"224353343358345155052571137818636792223",
"149016652711686681273500497938298290981",
"88480705846654040951299849469807546662",
"276361046096231743424703405800731534378",
"307287750647995264489892449716195012064",
"38246228680553567486599359596671787366",
"263027252925130599613215470536067358578",
"2874506608442905135345185747778786999",
"47699769131658910848691075822501354908",
"249210679146172818636927068194179760061"
],
"threshold": 0.9
},
"source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
"id": "CVE-2020-14147-8ad6483a",
"target": {
"file": "deps/lua/src/lua_struct.c"
}
},
{
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "4084196643356696974733906552222450367",
"length": 647.0
},
"source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
"id": "CVE-2020-14147-a8de9166",
"target": {
"file": "deps/lua/src/lua_struct.c",
"function": "optsize"
}
},
{
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "135527645391249101043499856436152069482",
"length": 238.0
},
"source": "https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571",
"id": "CVE-2020-14147-c76f01ae",
"target": {
"file": "deps/lua/src/lua_struct.c",
"function": "getnum"
}
}
]