Описание
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-11218
- https://github.com/antirez/redis/issues/5017
- https://github.com/antirez/redis/commit/52a00201fca331217c3b4b8b634f6a0f57d6b7d3
- https://github.com/antirez/redis/commit/5ccb6f7a791bf3490357b00a898885759d98bab0
- https://access.redhat.com/errata/RHSA-2019:0052
- https://access.redhat.com/errata/RHSA-2019:0094
- https://access.redhat.com/errata/RHSA-2019:1860
- https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES
- https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES
- https://security.gentoo.org/glsa/201908-04
- https://www.debian.org/security/2018/dsa-4230
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- http://antirez.com/news/119
- http://www.securityfocus.com/bid/104553
Связанные уязвимости
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
Memory Corruption was discovered in the cmsgpack library in the Lua su ...
Уязвимость библиотеки cmsgpack подсистемы Lua системы управления базами данных Redis, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации