An integer overflow bug in Redis versions 6.0 up to 6.2.3 can be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This is a result of an incomplete fix of CVE-2021-29477.
An integer overflow bug in Redis versions 6.0 up to 6.2.3 can be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This is a result of an incomplete fix of CVE-2021-29477.
https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq https://github.com/redis/redis/pull/9011 https://github.com/redis/redis/pull/9019 https://github.com/redis/redis/commit/e9a1438ac4c52aa68dfa2a8324b6419356842116
Workaround ========== A workaround to mitigate the problem is to use an ACL configuration to prevent clients from using the STRALGO LCS command. On systems running Redis version 6.2.3, it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB).