Vulnerabilities > CVE-2018-11218 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
redislabs
debian
oracle
redhat
CWE-787
critical
nessus

Summary

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

Vulnerable Configurations

Part Description Count
Application
Redislabs
202
Application
Oracle
2
Application
Redhat
2
OS
Debian
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4230.NASL
    descriptionMultiple vulnerabilities were discovered in the Lua subsystem of Redis, a persistent key-value database, which could result in denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id110571
    published2018-06-18
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110571
    titleDebian DSA-4230-1 : redis - security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-667.NASL
    descriptionThis update for redis to 4.0.10 fixes the following issues : These security issues were fixed : - CVE-2018-11218: Prevent heap corruption vulnerability in cmsgpack (bsc#1097430). - CVE-2018-11219: Prevent integer overflow in Lua scripting (bsc#1097768). For Leap 42.3 and openSUSE SLE 12 backports this is a jump from 4.0.6. For additional details please see - https://raw.githubusercontent.com/antirez/redis/4.0.9/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.8/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.7/00-RELEASENOTES
    last seen2020-06-05
    modified2018-06-25
    plugin id110678
    published2018-06-25
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110678
    titleopenSUSE Security Update : redis (openSUSE-2018-667)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201908-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201908-04 (Redis: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id127562
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127562
    titleGLSA-201908-04 : Redis: Multiple vulnerabilities
  • NASL familyMisc.
    NASL idREDIS_4_0_10.NASL
    descriptionThe version of Redis installed on the remote host is affected by multiple vulnerabilities and therefore requires a security update.
    last seen2020-06-01
    modified2020-06-02
    plugin id117484
    published2018-09-14
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117484
    titlePivotal Software Redis LUA < 3.2.12 / 4.0.x < 4.0.10 / 5.0 < 5.0rc2 Multiple Vulnerabilities
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0156.NASL
    descriptionAn update of 'redis' packages of Photon OS has been released.
    last seen2019-02-08
    modified2019-02-07
    plugin id111940
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111940
    titlePhoton OS 1.0: Redis PHSA-2018-1.0-0156 (deprecated)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0156_REDIS.NASL
    descriptionAn update of the redis package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121854
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121854
    titlePhoton OS 1.0: Redis PHSA-2018-1.0-0156
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-481.NASL
    descriptionThis update for redis to 4.0.10 fixes the following issues : These security issues were fixed : - CVE-2018-11218: Prevent heap corruption vulnerability in cmsgpack (bsc#1097430). - CVE-2018-11219: Prevent integer overflow in Lua scripting (bsc#1097768). For Leap 42.3 and openSUSE SLE 12 backports this is a jump from 4.0.6. For additional details please see - https://raw.githubusercontent.com/antirez/redis/4.0.9/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.8/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.7/00-RELEASENOTES
    last seen2020-05-31
    modified2019-03-27
    plugin id123199
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123199
    titleopenSUSE Security Update : redis (openSUSE-2019-481)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-2_0-0070.NASL
    descriptionAn update of 'redis', 'vim' packages of Photon OS has been released.
    last seen2019-02-08
    modified2019-02-07
    plugin id111955
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111955
    titlePhoton OS 2.0: Redis / Vim PHSA-2018-2.0-0070 (deprecated)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-2_0-0070_REDIS.NASL
    descriptionAn update of the redis package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121964
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121964
    titlePhoton OS 2.0: Redis PHSA-2018-2.0-0070

Redhat

advisories
  • rhsa
    idRHSA-2019:0052
  • rhsa
    idRHSA-2019:0094
  • rhsa
    idRHSA-2019:1860
rpms
  • redis-0:3.0.6-4.el7ost
  • redis-debuginfo-0:3.0.6-4.el7ost
  • redis-0:3.2.8-3.el7ost
  • redis-debuginfo-0:3.2.8-3.el7ost
  • rh-redis32-redis-0:3.2.13-1.el6
  • rh-redis32-redis-0:3.2.13-1.el7
  • rh-redis32-redis-debuginfo-0:3.2.13-1.el6
  • rh-redis32-redis-debuginfo-0:3.2.13-1.el7