Bug ID | 1178205 |
---|---|
Summary | VUL-0: redis: potential heap overflow when using a heap allocator other than jemalloc or glibc's malloc |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.2 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | mrueckert@suse.com |
Reporter | Andreas.Stieger@gmx.de |
QA Contact | qa-bugs@suse.de |
CC | security-team@suse.de |
Found By | --- |
Blocker | --- |
Redis 6.0.9 fixes a potential heap overflow when using a heap allocator other than jemalloc or glibc's malloc. When using a system with no malloc_usable_size(), zmalloc_size() assumed that the heap allocator always returns blocks that are long-padded. This may not always be the case, and will result with zmalloc_size() returning a size that is bigger than allocated. At least in one case this leads to out of bound write, process crash and a potential security vulnerability. Effectively this does not affect the vast majority of users, who use jemalloc or glibc. https://raw.githubusercontent.com/redis/redis/6.0/00-RELEASENOTES https://github.com/redis/redis/pull/7963