CVE-2025-62507

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-62507
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62507.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-62507
Aliases
Downstream
Published
2025-11-04T21:24:44Z
Modified
2025-11-14T02:51:33.840214Z
Severity
  • 7.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
Redis: Bug in XACKDEL may lead to stack overflow and potential RCE
Details

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, an authenticated user can run the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may lead to remote code execution. The issue is fixed in version 8.2.3. To work around it without patching the redis-server executable, prevent users from executing XACKDEL; this can be done with ACL rules that remove the XACKDEL command from each user's permissions.
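
The advisory names a vulnerable range and an ACL workaround but gives no way to check either against a running deployment. The script below is an added example, not code from the OSV record or from the Redis project: it runs offline over text captured with redis-cli (INFO server and ACL LIST), flags a redis_version inside [8.2.0, 8.2.3), and replays each user's ACL rules to find who can still execute XACKDEL, emitting the ACL SETUSER command that removes it. The ACL model is a simplification and an assumption: rules are applied left to right, XACKDEL is treated as belonging to @all, @write, @stream and @fast, and selectors "(...)" and subcommand rules are not handled. The sample INFO and ACL LIST text is constructed.

```python
"""Audit helper for CVE-2025-62507 (stack buffer overflow in Redis XACKDEL).

Added example, not code from the OSV record or from the Redis project. Works
offline on text captured with redis-cli ("INFO server" and "ACL LIST"):
  1. decide whether redis_version lies in the affected range [8.2.0, 8.2.3);
  2. decide which enabled ACL users can still execute XACKDEL and emit the
     ACL SETUSER command that removes it (the workaround the advisory names).

Assumptions (not from the advisory): ACL rules are replayed left to right;
XACKDEL is treated as a member of @all, @write, @stream and @fast; ACL
selectors "(...)" and subcommand rules are not modelled; pre-release versions
that do not report x.y.z are rejected by parse_version().
"""
import re

AFFECTED_FROM = (8, 2, 0)   # first affected release per the advisory
FIXED_IN = (8, 2, 3)        # fixed release per the advisory

# Categories assumed to contain XACKDEL (assumption, see module docstring).
XACKDEL_CATEGORIES = {"@all", "@write", "@stream", "@fast"}


def parse_version(info_text):
    """Extract (major, minor, patch) from the redis_version line of INFO output."""
    m = re.search(r"^redis_version:(\d+)\.(\d+)\.(\d+)", info_text, re.M)
    if not m:
        raise ValueError("redis_version not found in INFO output")
    return tuple(int(x) for x in m.groups())


def is_affected(version):
    """True when the version is inside the vulnerable range named by the advisory."""
    return AFFECTED_FROM <= tuple(version) < FIXED_IN


def user_can_run_xackdel(rule_tokens):
    """Replay ACL rule tokens (everything after 'user <name>') left to right.

    Only command/category rules and the on/off flag matter here; key, channel
    and password tokens (~, &, #, >, nopass, sanitize-payload, ...) are ignored.
    """
    enabled = False   # a fresh Redis user starts 'off'
    allowed = False   # and with no commands granted
    for tok in rule_tokens:
        low = tok.lower()
        if low == "on":
            enabled = True
        elif low == "off":
            enabled = False
        elif low == "allcommands":
            allowed = True
        elif low == "nocommands":
            allowed = False
        elif low.startswith("+@"):
            if low[1:] in XACKDEL_CATEGORIES:
                allowed = True
        elif low.startswith("-@"):
            if low[1:] in XACKDEL_CATEGORIES:
                allowed = False
        elif low == "+xackdel":
            allowed = True
        elif low == "-xackdel":
            allowed = False
    return enabled and allowed


def audit_acl_list(acl_list_text):
    """Return (user, remediation) pairs for every enabled user who can run XACKDEL.

    Accepts raw ACL LIST lines with or without redis-cli's '1) "..."' decoration.
    """
    findings = []
    for raw in acl_list_text.splitlines():
        line = re.sub(r"^\s*\d+\)\s*", "", raw).strip().strip('"')
        if not line.startswith("user "):
            continue
        tokens = line.split()
        name = tokens[1]
        if user_can_run_xackdel(tokens[2:]):
            findings.append((name, f"ACL SETUSER {name} -xackdel"))
    return findings


# Constructed sample captures (not real server output).
SAMPLE_INFO = "# Server\r\nredis_version:8.2.1\r\nredis_mode:standalone\r\n"
SAMPLE_ACL_LIST = """\
1) "user default on nopass sanitize-payload ~* &* +@all"
2) "user consumer on nopass ~orders:* &* -@all +@read +@stream"
3) "user reporter on nopass ~reports:* &* -@all +@read -@dangerous"
4) "user legacy off nopass ~* &* +@all"
5) "user patched on nopass ~orders:* &* +@all -xackdel"
"""


def main():
    version = parse_version(SAMPLE_INFO)
    print("redis_version", ".".join(map(str, version)),
          "affected" if is_affected(version) else "not affected")
    for user, fix in audit_acl_list(SAMPLE_ACL_LIST):
        print(f"{user}: can run XACKDEL -> {fix}")


if __name__ == "__main__":
    main()
```

On the sample, `default` and `consumer` are reported (the first because `+@all` grants everything, the second because `+@stream` includes XACKDEL), while `reporter` (read-only), `legacy` (disabled) and `patched` (`-xackdel` applied last) are not. Note that the stock `default` user carries `+@all`, so the workaround has to be applied to it as well, and that any user retaining `@admin` can simply re-grant the command with ACL SETUSER, so the ACL change only constrains non-admin clients. Persist the change with ACL SAVE (when an aclfile is configured) or CONFIG REWRITE, and treat the ACL as a stopgap until 8.2.3 is deployed.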

Database specific
{
    "cwe_ids": [
        "CWE-121",
        "CWE-20"
    ]
}
References

Affected packages

Git / github.com/redis/redis

Affected ranges

Type
GIT
Repo
https://github.com/redis/redis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

1.*

1.3.6

2.*

2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0-rc1
2.3-alpha0

3.*

3.0-alpha0

8.*

8.2-int
8.2-m01
8.2-m01-int
8.2-m01-int2
8.2-rc1
8.2-rc1-int
8.2.0
8.2.1
8.2.1-int
8.2.2
8.2.2-int

v1.*

v1.3.10
v1.3.11
v1.3.12
v1.3.7
v1.3.8
v1.3.9

v2.*

v2.0.0-rc1
v2.1.1-watch

Other

vm-playpen
with-deprecated-diskstore

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/redis/redis/commit/5f83972188f6e5b1d6f1940218c650a9cbdf7741",
        "id": "CVE-2025-62507-8dda5ca6",
        "signature_version": "v1",
        "target": {
            "function": "xackdelCommand",
            "file": "src/t_stream.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "184981250021505204310658382932789911777",
            "length": 2108.0
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/redis/redis/commit/5f83972188f6e5b1d6f1940218c650a9cbdf7741",
        "id": "CVE-2025-62507-a69c1c1d",
        "signature_version": "v1",
        "target": {
            "file": "src/t_stream.c"
        },
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "37992495249938891560898647564601714609",
                "329678821821074785238540876366894256146",
                "122806087588382097778337917458865251391",
                "268942351403239880169801664891435176436"
            ],
            "threshold": 0.9
        }
    }
]