Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-49112

Опубликовано: 02 июн. 2025
Источник: redhat
CVSS3: 3.1
EPSS Низкий

Описание

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

A flaw was found in valkey. An integer underflow in the setDeferredReply function of networking.c allows an adjacent network attacker to potentially trigger unexpected behavior. This underflow occurs when calculating prev->size - prev->used, leading to a condition that may result in a denial of service. The vulnerability is triggered by processing a specially crafted network packet.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10valkeyFix deferred

Показывать по

Дополнительная информация

Статус:

Low
Дефект:
CWE-191
https://bugzilla.redhat.com/show_bug.cgi?id=2369697valkey: Valkey Integer Underflow Vulnerability

EPSS

Процентиль: 5%
0.00026
Низкий

3.1 Low

CVSS3

Связанные уязвимости

CVSS3: 3.1
ubuntu
2 месяца назад

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

CVSS3: 3.1
nvd
2 месяца назад

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

CVSS3: 3.1
msrc
27 дней назад

Описание отсутствует

CVSS3: 3.1
debian
2 месяца назад

setDeferredReply in networking.c in Valkey through 8.1.1 has an intege ...

CVSS3: 3.1
github
2 месяца назад

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

EPSS

Процентиль: 5%
0.00026
Низкий

3.1 Low

CVSS3