CVE-2023-25155

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-25155
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-25155.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-25155
Aliases
Downstream
Related
Published
2023-03-02T03:01:36Z
Modified
2025-11-04T20:10:57.408999Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Integer Overflow in several Redis commands can lead to denial of service.
Details

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.

Database specific 
{
    "cwe_ids": [
        "CWE-190"
    ]
}
References

Affected packages

Git / github.com/redis/redis

Affected ranges

Type
GIT
Repo
https://github.com/redis/redis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
ebe2e4583fc6b4cd1a8142caa51fa7c8d37d6de3
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.18"
        }
    ]
}
Type
GIT
Repo
https://github.com/redis/redis
Events
Introduced
d375595d5e3ae2e5c29e6c00a2dc3d60578fd9fc
Fixed
86920532f72ff005fcb146c5a02562f9a10b8140
Database specific 
{
    "versions": [
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.9"
        }
    ]
}
Type
GIT
Repo
https://github.com/redis/redis
Events
Introduced
445aa844b946a8f1bc21ac8554b44adb1ecb4018
Fixed
720ea82eab846abc36651d01cc9f8347d4f42f90
Database specific 
{
    "versions": [
        {
            "introduced": "6.2.0"
        },
        {
            "fixed": "6.2.11"
        }
    ]
}

Affected versions

1.*

1.3.6

2.*

2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0-rc1
2.3-alpha0

3.*

3.0-alpha0

6.*

6.0-rc1
6.0-rc2
6.0-rc3
6.0-rc4
6.0.0
6.0.1
6.0.10
6.0.11
6.0.12
6.0.13
6.0.14
6.0.15
6.0.16
6.0.17
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.0.9
6.2.0
6.2.1
6.2.10
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9

7.*

7.0.0
7.0.1
7.0.2
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8

v1.*

v1.3.10
v1.3.11
v1.3.12
v1.3.7
v1.3.8
v1.3.9

v2.*

v2.0.0-rc1
v2.1.1-watch

Other

vm-playpen
with-deprecated-diskstore