#VU13402 Type confusion in Redis
Vulnerability identifier: #VU13402
Vulnerability risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-704
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Redis
Server applications /
Database software
Vendor: Salvatore Sanfilippo
Description
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the xgroupCommand function due to improper handling of an XGROUP command where the key is not a stream by the xgroupCommand function, as defined in the t_stream.c source code file. A remote attacker can execute an XGROUP command that submits malicious input, trigger a type confusion condition and cause the service to crash.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Redis: 4.0.0 - 4.0.10
External links
http://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
