Upstream information

CVE-2021-32765 at MITRE

Description

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check if `count * sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow. Users of hiredis who are unable to update may set the [maxelements](https://github.com/redis/hiredis#reader-max-array-elements) context option to a value small enough that no overflow is possible.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.5
Vector AV:N/AC:L/Au:S/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
CVSS v3 Scores
  National Vulnerability Database
Base Score 8.8
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
CVSSv3 Version 3.1
SUSE Bugzilla entry: 1191331 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub 15 SP2
  • hiredis >= 0.13.3-bp152.4.3.1
  • hiredis-devel >= 0.13.3-bp152.4.3.1
  • libhiredis0_13 >= 0.13.3-bp152.4.3.1
Patchnames:
openSUSE-2021-1550
SUSE Package Hub 15 SP3
  • hiredis >= 0.13.3-bp153.2.3.1
  • hiredis-devel >= 0.13.3-bp153.2.3.1
  • libhiredis0_13 >= 0.13.3-bp153.2.3.1
Patchnames:
openSUSE-2021-1536
openSUSE Leap 15.2
  • hiredis >= 0.13.3-lp152.4.3.1
  • hiredis-devel >= 0.13.3-lp152.4.3.1
  • libhiredis0_13 >= 0.13.3-lp152.4.3.1
Patchnames:
openSUSE-2021-1536
openSUSE Leap 15.3
  • hiredis >= 0.13.3-bp153.2.3.1
  • hiredis-devel >= 0.13.3-bp153.2.3.1
  • libhiredis0_13 >= 0.13.3-bp153.2.3.1
Patchnames:
openSUSE-2021-1536
openSUSE Tumbleweed
  • hiredis >= 1.0.2-1.1
  • hiredis-devel >= 1.0.2-1.1
  • libhiredis1_0_0 >= 1.0.2-1.1
Patchnames:
openSUSE Tumbleweed GA hiredis-1.0.2-1.1


SUSE Timeline for this CVE

CVE page created: Tue Oct 5 14:30:29 2021
CVE page last modified: Tue May 23 18:08:30 2023