Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2021.0373
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2021-0373)
Zusammenfassung:	The remote host is missing an update for the 'redis' package(s) announced via the MGASA-2021-0373 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'redis' package(s) announced via the MGASA-2021-0373 advisory. Vulnerability Insight: An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution (CVE-2021-29477). An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution (CVE-2021-29478). A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15 and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution (CVE-2021-32761). Affected Software/OS: 'redis' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-29477 https://github.com/redis/redis/security/advisories/GHSA-vqxj-26vj-996g https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZJ6JGQ2ETZB2DWTQSGCOGG7EF3ILV4V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPWBIZXA67JFIB63W2CNVVILCGIC2ME5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/ https://security.gentoo.org/glsa/202107-20 https://redis.io/ Common Vulnerability Exposure (CVE) ID: CVE-2021-29478 https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3 Common Vulnerability Exposure (CVE) ID: CVE-2021-32761 https://github.com/redis/redis/security/advisories/GHSA-8wxq-j7rp-g8wj Debian Security Information: DSA-5001 (Google Search) https://www.debian.org/security/2021/dsa-5001 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGX7RRAWGXWXEAKJTQYSDSBO2BC3SAHD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6O7AUOROBYGP5IMGJPC5HZ3R2RB6GZ5X/ https://security.gentoo.org/glsa/202209-17 https://lists.debian.org/debian-lts-announce/2021/07/msg00017.html https://lists.debian.org/debian-lts-announce/2021/08/msg00026.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.