Upstream information

CVE-2020-14147 at MITRE

Description

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.
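The description names the bug class rather than the fix: a size prefix in a format string is accumulated digit by digit into an `int`, a large enough number wraps it, and a wrapped (negative) size slips past a check that only tests against an upper bound before a fixed-size stack buffer is used. The C below is an added illustration written for this page; it is not code from Redis or from `lua_struct.c`, and `MAXINTSIZE`, `getnum_checked`, `upper_bound_only_check`, `range_check` and `parse_int_width` are names chosen here. It shows the overflow guard that refuses the accumulation before it can wrap (the same style of pre-multiplication check used to close CVE-2015-8080), and why an upper-bound-only size check is not a substitute for it.

```c
#include <ctype.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed cap on an integer field width, in the style of a struct-style packer. */
#define MAXINTSIZE 32

/* Overflow-safe decimal accumulation for a size prefix in a format string.
   Digits are consumed from *fmt. Returns true and stores the value in *out when
   the number fits in a non-negative int; returns false and leaves *fmt untouched
   when one more digit would overflow. With no digit present, *out is set to df. */
bool getnum_checked(const char **fmt, int df, int *out) {
    const char *p = *fmt;
    if (!isdigit((unsigned char)*p)) {
        *out = df;
        return true;
    }
    int a = 0;
    do {
        int digit = *p - '0';
        /* Guard a*10 + digit <= INT_MAX *before* multiplying: signed overflow is
           undefined behaviour in C, so the check cannot be done after the fact. */
        if (a > (INT_MAX - digit) / 10)
            return false;
        a = a * 10 + digit;
        p++;
    } while (isdigit((unsigned char)*p));
    *fmt = p;
    *out = a;
    return true;
}

/* A check written only against the upper bound: any negative (wrapped) size
   passes it, which is how an unchecked accumulation reaches a fixed buffer.
   Returns 1 when the size is accepted, 0 when rejected. */
int upper_bound_only_check(int sz) {
    return sz > MAXINTSIZE ? 0 : 1;
}

/* Hardened variant: reject sizes outside [1, MAXINTSIZE] in both directions. */
int range_check(int sz) {
    return (sz < 1 || sz > MAXINTSIZE) ? 0 : 1;
}

/* Parse a width spec such as "i4" or "i2147483648". Returns the width, the
   default 4 when no digits follow, or -1 when the prefix would overflow int. */
int parse_int_width(const char *fmt) {
    if (*fmt != 'i')
        return -1;
    const char *p = fmt + 1;
    int n;
    if (!getnum_checked(&p, 4, &n))
        return -1;  /* overflow refused instead of wrapping */
    return n;
}

int main(void) {
    /* Constructed sample format prefixes, including ones just past INT_MAX. */
    const char *samples[] = { "i4", "i", "i2147483647", "i2147483648", "i99999999999" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-14s -> %d\n", samples[i], parse_int_width(samples[i]));
    printf("wrapped size -5: upper-bound-only check accepts=%d, range check accepts=%d\n",
           upper_bound_only_check(-5), range_check(-5));
    return 0;
}
```

The guard `a > (INT_MAX - digit) / 10` is the whole fix: it is evaluated before the multiplication, so the accumulator never leaves the representable range. `range_check` is included because a parser that can no longer wrap is still better paired with a consumer that rejects non-positive sizes explicitly, rather than relying on the parser alone.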

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.0
Vector AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
CVSS v3 Scores
  National Vulnerability Database
Base Score 7.7
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality Impact None
Integrity Impact None
Availability Impact High
CVSSv3 Version 3.1
SUSE Bugzilla entry: 1173018 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 12
  • redis >= 4.0.14-24.1
  • redis-debuginfo >= 4.0.14-lp151.2.6.1
  • redis-debugsource >= 4.0.14-lp151.2.6.1
Patchnames:
openSUSE-2020-1035
openSUSE Leap 15.1
  • redis >= 4.0.14-lp151.2.6.1
  • redis-debuginfo >= 4.0.14-lp151.2.6.1
  • redis-debugsource >= 4.0.14-lp151.2.6.1
Patchnames:
openSUSE-2020-1035