Redis Vulnerability Security Update Advisory (CVE-2023-41056)

Overview

An update has been made available to address an Integer Overflow vulnerability in Redis (https://github.com/redis/redis). Users of affected versions are advised to update to the latest version.

Affected Products

Redis 7.0.9 and later versions prior to the patched releases (7.0.15 and 7.2.4)

Resolved Vulnerabilities

Redis incorrectly handles the resizing of memory buffers, which can result in an Integer Overflow; that overflow could in turn cause a Heap Overflow and potentially Remote Code Execution. (CVE-2023-41056)
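The bug class described above, an integer overflow in the size computation of a buffer resize that then allocates too little and overruns the heap, shown as an added example in C. This is illustrative code written for this advisory page, not Redis's own buffer code; the growbuf type and the function names are assumptions for the example. The unchecked size arithmetic is placed next to a checked version that refuses to grow the buffer whenever an intermediate value would wrap, which is the mitigation pattern a fix for this class applies.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative growable buffer (an assumed type for this example, not a
 * Redis structure). */
typedef struct {
    char *data;
    size_t len;   /* bytes in use */
    size_t cap;   /* bytes allocated */
} growbuf;

/* Naive capacity computation: double the buffer and add the bytes needed.
 * Both the multiplication and the addition can wrap around to a small value;
 * an allocation sized from that result is then too short for the copy that
 * follows, which is the heap-overflow pattern behind this bug class.
 * Kept here for comparison only and never used to allocate. */
size_t naive_new_capacity(size_t cap, size_t need)
{
    return cap * 2 + need;
}

/* Checked version: refuse to grow when any intermediate would wrap.
 * Returns true and writes *out on success, false on overflow. */
bool checked_new_capacity(size_t cap, size_t need, size_t *out)
{
    if (cap > SIZE_MAX / 2) return false;           /* cap * 2 would wrap */
    size_t doubled = cap * 2;
    if (need > SIZE_MAX - doubled) return false;    /* doubled + need would wrap */
    *out = doubled + need;
    return true;
}

/* Append n bytes, growing the buffer with the checked computation. Returns
 * false and leaves the buffer unchanged if growth would overflow or the
 * allocation fails, instead of writing past the end of the allocation. */
bool growbuf_append(growbuf *b, const char *src, size_t n)
{
    if (n > SIZE_MAX - b->len) return false;        /* len + n must not wrap either */
    if (b->len + n > b->cap) {
        size_t new_cap;
        if (!checked_new_capacity(b->cap, n, &new_cap)) return false;
        char *p = realloc(b->data, new_cap);
        if (!p) return false;
        b->data = p;
        b->cap = new_cap;
    }
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return true;
}

void growbuf_free(growbuf *b)
{
    free(b->data);
    b->data = NULL;
    b->len = b->cap = 0;
}

/* Demonstration: a normal append succeeds, and a request sized so that the
 * naive arithmetic wraps to zero is rejected by the checked path.
 * Returns 1 when both observations hold. */
int demo_checked_rejects_wrap(void)
{
    growbuf b = { NULL, 0, 0 };
    if (!growbuf_append(&b, "PING", 4)) return 0;   /* cap becomes 4 */
    /* Constructed edge case: need chosen so cap * 2 + need == SIZE_MAX + 1,
     * which wraps to 0 in the naive computation. */
    size_t huge = SIZE_MAX - b.cap * 2 + 1;
    int rejected = !growbuf_append(&b, "x", huge);
    int naive_wrapped = (naive_new_capacity(b.cap, huge) == 0);
    growbuf_free(&b);
    return (rejected && naive_wrapped) ? 1 : 0;
}
```

The check in checked_new_capacity is the whole point: every intermediate of the size formula is compared against SIZE_MAX before it is computed, so a caller-controlled length can only make the append fail, never make it allocate less than it copies.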

Vulnerability Patches

Vulnerability patches were made available in the 01/09/2024 update. If you are using Redis, please follow the instructions on the referenced sites to update to the latest version.

Patched versions: Redis 7.0.15 and 7.2.4

Referenced Sites

[1] https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m

[2] https://github.com/redis/redis/releases/tag/7.0.15

[3] https://github.com/redis/redis/releases/tag/7.2.4