VDB

GCVE-VVD-MAGEIA-2023-86

GCVE-VVD-MAGEIA-2023-86
Advisory Published
Vulnetix · Advisory published October 3, 2023
Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. (CVE-2023-25155) String matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. (CVE-2022-36021)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaredis0 (affected), 6.0.18-1.mga8 (unaffected), 0 (affected), 6.0.18-1.mga8 (unaffected)
Mageiasystemd0 (affected), 253.10-1.mga9 (unaffected)

References

Updated redis packages fix security vulnerability
advisory
Updated redis packages fix security vulnerability
issue
Updated redis packages fix security vulnerability
fix
Updated systemd packages fix many issues.
advisory
Updated systemd packages fix many issues.
issue
Updated systemd packages fix many issues.
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›