Vulnerabilities > CVE-2018-11218 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
redislabs
debian
oracle
redhat
CWE-787
nessus

Summary

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

Vulnerable Configurations

Part Description Count
Application
Redislabs
201
Application
Oracle
2
Application
Redhat
2
OS
Debian
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4230.NASL
    descriptionMultiple vulnerabilities were discovered in the Lua subsystem of Redis, a persistent key-value database, which could result in denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id110571
    published2018-06-18
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110571
    titleDebian DSA-4230-1 : redis - security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-667.NASL
    descriptionThis update for redis to 4.0.10 fixes the following issues : These security issues were fixed : - CVE-2018-11218: Prevent heap corruption vulnerability in cmsgpack (bsc#1097430). - CVE-2018-11219: Prevent integer overflow in Lua scripting (bsc#1097768). For Leap 42.3 and openSUSE SLE 12 backports this is a jump from 4.0.6. For additional details please see - https://raw.githubusercontent.com/antirez/redis/4.0.9/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.8/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.7/00-RELEASENOTES
    last seen2020-06-05
    modified2018-06-25
    plugin id110678
    published2018-06-25
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110678
    titleopenSUSE Security Update : redis (openSUSE-2018-667)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201908-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201908-04 (Redis: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id127562
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127562
    titleGLSA-201908-04 : Redis: Multiple vulnerabilities
  • NASL familyMisc.
    NASL idREDIS_4_0_10.NASL
    descriptionThe version of Redis installed on the remote host is affected by multiple vulnerabilities and therefore requires a security update.
    last seen2020-06-01
    modified2020-06-02
    plugin id117484
    published2018-09-14
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117484
    titlePivotal Software Redis LUA < 3.2.12 / 4.0.x < 4.0.10 / 5.0 < 5.0rc2 Multiple Vulnerabilities
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0156.NASL
    descriptionAn update of 'redis' packages of Photon OS has been released.
    last seen2019-02-08
    modified2019-02-07
    plugin id111940
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111940
    titlePhoton OS 1.0: Redis PHSA-2018-1.0-0156 (deprecated)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0156_REDIS.NASL
    descriptionAn update of the redis package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121854
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121854
    titlePhoton OS 1.0: Redis PHSA-2018-1.0-0156
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-481.NASL
    descriptionThis update for redis to 4.0.10 fixes the following issues : These security issues were fixed : - CVE-2018-11218: Prevent heap corruption vulnerability in cmsgpack (bsc#1097430). - CVE-2018-11219: Prevent integer overflow in Lua scripting (bsc#1097768). For Leap 42.3 and openSUSE SLE 12 backports this is a jump from 4.0.6. For additional details please see - https://raw.githubusercontent.com/antirez/redis/4.0.9/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.8/00-RELEASENOTES - https://raw.githubusercontent.com/antirez/redis/4.0.7/00-RELEASENOTES
    last seen2020-05-31
    modified2019-03-27
    plugin id123199
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123199
    titleopenSUSE Security Update : redis (openSUSE-2019-481)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-2_0-0070.NASL
    descriptionAn update of 'redis', 'vim' packages of Photon OS has been released.
    last seen2019-02-08
    modified2019-02-07
    plugin id111955
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111955
    titlePhoton OS 2.0: Redis / Vim PHSA-2018-2.0-0070 (deprecated)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-2_0-0070_REDIS.NASL
    descriptionAn update of the redis package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121964
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121964
    titlePhoton OS 2.0: Redis PHSA-2018-2.0-0070

Redhat

advisories
  • rhsa
    idRHSA-2019:0052
  • rhsa
    idRHSA-2019:0094
  • rhsa
    idRHSA-2019:1860
rpms
  • redis-0:3.0.6-4.el7ost
  • redis-debuginfo-0:3.0.6-4.el7ost
  • redis-0:3.2.8-3.el7ost
  • redis-debuginfo-0:3.2.8-3.el7ost
  • rh-redis32-redis-0:3.2.13-1.el6
  • rh-redis32-redis-0:3.2.13-1.el7
  • rh-redis32-redis-debuginfo-0:3.2.13-1.el6
  • rh-redis32-redis-debuginfo-0:3.2.13-1.el7