Bug 1182657 - (CVE-2021-21309) VUL-0: CVE-2021-21309: redis: Integer overflow on 32-bit systems
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.2
Hardware: i586 Other
Priority: P3 - Medium
Severity: Normal
Assigned To: Security Team bot
CVSSv3.1:SUSE:CVE-2021-21309:7.4:(AV:...
Reported: 2021-02-24 10:31 UTC by Andreas Stieger
Modified: 2021-05-19 16:28 UTC (History)
Description Andreas Stieger 2021-02-24 10:31:06 UTC
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB, which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result in buffer
overflow and heap corruption.

References:
https://groups.google.com/g/redis-db/c/tFldUlOt8D8/m/HrZAfUB0AgAJ
https://github.com/redis/redis/blob/6.2.0/00-RELEASENOTES
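The failure mode in the description, shown as an added example that is not Redis code and not part of this bug report: a 32-bit `size_t` is modelled with `uint32_t` so the wrap is visible on any host, the 9-byte header overhead and all function names are assumptions, and the hardened variant rejects a bulk length whose allocation size would wrap instead of trusting a raised limit.

```c
#include <stdint.h>
#include <stdbool.h>

/* Constructed model of a 32-bit platform: size arithmetic is done in
 * uint32_t so that the overflow reproduces on a 64-bit host as well. */
typedef uint32_t sz32;

/* Assumed per-buffer overhead (header + terminator) added to a bulk length
 * before allocation; the exact value is not on this page. */
#define BUF_OVERHEAD 9u

/* Naive path: adds the overhead without checking. When the configured limit
 * has been raised to near 4 GiB, a bulk length close to that wraps the sum
 * to a tiny number, so a small buffer is allocated for a huge payload. */
sz32 alloc_size_naive(sz32 bulk_len) {
    return bulk_len + BUF_OVERHEAD;
}

/* Hardened path: overflow-checked addition (GCC/Clang builtin).
 * Returns 0 when the sum does not fit in 32 bits; a real size is never 0. */
sz32 alloc_size_checked(sz32 bulk_len) {
    sz32 total;
    if (__builtin_add_overflow(bulk_len, BUF_OVERHEAD, &total))
        return 0;
    return total;
}

typedef enum { BULK_OK, BULK_TOO_LARGE, BULK_OVERFLOW } bulk_verdict;

/* Enforce the configured limit first, then refuse any length whose
 * allocation size would wrap on this word size, regardless of the limit. */
bulk_verdict validate_bulk(sz32 configured_limit, sz32 bulk_len) {
    if (bulk_len > configured_limit)
        return BULK_TOO_LARGE;
    if (alloc_size_checked(bulk_len) == 0)
        return BULK_OVERFLOW;
    return BULK_OK;
}
```

With the default 512MB limit the checked and naive paths agree; the difference appears only once the limit is raised far enough that a client can send a length within `BUF_OVERHEAD` of the 32-bit maximum.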
Comment 2 Robert Frohl 2021-03-02 15:07:26 UTC
Also tracking SUSE:SLE-15:Update/redis as affected.
Comment 3 Ruediger Oertel 2021-03-02 15:28:21 UTC
Boris, do you want to take this one?
Comment 4 Andreas Stieger 2021-03-02 15:29:03 UTC
(In reply to Robert Frohl from comment #2)
> also tracking SUSE:SLE-15:Update/redis as affected.

Does this even have a 32 bit build for this package?
Comment 5 Ruediger Oertel 2021-03-02 15:39:03 UTC
Depending on the definition. For SLE, we have built i586 rpms for this but they are not part of any product. It's part of Leap though, so they have binaries for armv7 and i586 I think.
Comment 6 OBSbugzilla Bot 2021-05-06 18:40:05 UTC
This is an autogenerated message for OBS integration:
This bug (1182657) was mentioned in
https://build.opensuse.org/request/show/891113 15.2 / redis
Comment 7 Swamp Workflow Management 2021-05-07 22:15:56 UTC
openSUSE-SU-2021:0682-1: An update that solves three vulnerabilities, contains 8 features and has one errata is now available.

Category: security (important)
Bug References: 1178205,1182657,1185729,1185730
CVE References: CVE-2021-21309,CVE-2021-29477,CVE-2021-29478
JIRA References: ECO-2417,ECO-2867,PM-1547,PM-1615,PM-1622,PM-1681,SLE-11578,SLE-12821
Sources used:
openSUSE Leap 15.2 (src):    redis-6.0.13-lp152.2.3.1
Comment 9 Swamp Workflow Management 2021-05-19 16:28:20 UTC
SUSE-SU-2021:1652-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 1182657,1185729,1185730
CVE References: CVE-2021-21309,CVE-2021-29477,CVE-2021-29478
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src):    redis-6.0.13-1.10.1
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src):    redis-6.0.13-1.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.