ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0373
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0373)
Resumen:	The remote host is missing an update for the 'redis' package(s) announced via the MGASA-2021-0373 advisory.
Descripción:	Summary: The remote host is missing an update for the 'redis' package(s) announced via the MGASA-2021-0373 advisory. Vulnerability Insight: An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote code execution (CVE-2021-29477). An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution (CVE-2021-29478). A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15 and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution (CVE-2021-32761). Affected Software/OS: 'redis' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-29477 https://github.com/redis/redis/security/advisories/GHSA-vqxj-26vj-996g https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZJ6JGQ2ETZB2DWTQSGCOGG7EF3ILV4V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPWBIZXA67JFIB63W2CNVVILCGIC2ME5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/ https://security.gentoo.org/glsa/202107-20 https://redis.io/ Common Vulnerability Exposure (CVE) ID: CVE-2021-29478 https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3 Common Vulnerability Exposure (CVE) ID: CVE-2021-32761 https://github.com/redis/redis/security/advisories/GHSA-8wxq-j7rp-g8wj Debian Security Information: DSA-5001 (Google Search) https://www.debian.org/security/2021/dsa-5001 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGX7RRAWGXWXEAKJTQYSDSBO2BC3SAHD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6O7AUOROBYGP5IMGJPC5HZ3R2RB6GZ5X/ https://security.gentoo.org/glsa/202209-17 https://lists.debian.org/debian-lts-announce/2021/07/msg00017.html https://lists.debian.org/debian-lts-announce/2021/08/msg00026.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.