CVE-2022-35977

Description

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability.

How to fix CVE-2022-35977

To remediate CVE-2022-35977, upgrade the affected package to a fixed version below.

• —upgrade to 6.2.9-r0 or later
• —upgrade to 6.0.17 or later
• —upgrade to 6.0.17 or later
• —upgrade to 6.0.17 or later
• —upgrade to 5:6.0.16-1+deb11u4 or later
• —upgrade to 5:6.0.16-1+deb11u4 or later

Is CVE-2022-35977 being exploited?

Moderate — EPSS is 35.6%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (6)

• from 0, < 6.2.9-r0
• >= 6.0.0, < 6.0.17, >= 6.2.0, < 6.2.9, >= 7.0.0, < 7.0.8
• >= 6.0.0, < 6.0.17, >= 6.2.0, < 6.2.9, >= 7.0.0, < 7.0.8
• >= 6.0.0, < 6.0.17, >= 6.2.0, < 6.2.9, >= 7.0.0, < 7.0.8
• from 0, < 5:6.0.16-1+deb11u4
• from 0, < 5:6.0.16-1+deb11u4

CVSS scores

References (9)

• ADVISORYsecurity.alpinelinux.org/vuln/CVE-2022-35977
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2022-35977
• WEBgithub.com/redis/redis/commit/1ec82e6e97e1db06a72ca505f9fbf6b981f31ef7
• WEBgithub.com/redis/redis/releases/tag/6.0.17