Bugzilla – Bug 1184889
VUL-0: CVE-2021-3470: redis: potential heap overflow when using a heap allocator other than jemalloc or glibc's malloc
Last modified: 2021-04-16 13:59:03 UTC
When using a system with no malloc_usable_size(), zmalloc_size() assumed that the heap allocator always returns blocks that are long-padded. This may not always be the case, and will result with zmalloc_size() returning a size that is bigger than allocated. At least in one case this leads to out of bound write, process crash and a potential security vulnerability. Effectively this does not affect the vast majority of users, who use jemalloc or glibc.
Upstream pull request:
We ship the version 6.0.10 which is not affected.