CVE-2023-25155
Published: 02 March 2023
Summary
CVE-2023-25155 is a medium-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Redis. Its CVSS base score is 5.5 (Medium).
Operationally, it is ranked in the top 10.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Redis is an in-memory database that persists on disk and is affected by CVE-2023-25155, an integer overflow vulnerability (CWE-190) present in all versions. The issue manifests when authenticated users issue specially crafted SRANDMEMBER, ZRANDMEMBER, or HRANDFIELD commands, triggering a runtime assertion that terminates the Redis server process. The vulnerability carries a CVSS score of 5.5, reflecting a local attack vector with low attack complexity and low privileges required, but a high impact on availability.
Authenticated users with the ability to execute the affected commands can exploit this flaw to cause a denial of service by crashing the Redis instance. Because the attack requires authentication and, per the CVSS metrics, a local attack vector, exposure is typically limited to insiders or compromised accounts rather than remote unauthenticated attackers.
Advisories and patches released by the Redis project recommend upgrading to versions 6.0.18, 6.2.11, or 7.0.9, which contain fixes for the integer overflow. The corresponding commits and release notes are available in the project's GitHub repository, along with a detailed security advisory.
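A defender's first question for this CVE is which fleet members still run a pre-fix release. The following is an added example (not code from the Redis project or from this advisory) that parses the `redis_version` field of `INFO server` output and compares it against the fixed releases named above (6.0.18, 6.2.11, 7.0.9). The sample INFO text is constructed, and the rule that branches newer than 7.0 already contain the fix is an assumption noted in the code, not something this page states.

```python
"""Added example: classify a Redis server as patched or not for CVE-2023-25155
from its `INFO server` output. Version thresholds are the releases named in
the advisory (6.0.18, 6.2.11, 7.0.9); everything else is an assumption noted inline."""
import re

# Fixed releases from the advisory, keyed by release branch (major, minor).
FIXED_VERSIONS = {
    (6, 0): (6, 0, 18),
    (6, 2): (6, 2, 11),
    (7, 0): (7, 0, 9),
}
NEWEST_FIXED_BRANCH = max(FIXED_VERSIONS)

# Commands the advisory names as the trigger; worth reviewing in ACLs while unpatched.
AFFECTED_COMMANDS = ("SRANDMEMBER", "ZRANDMEMBER", "HRANDFIELD")

# `redis_version:` is a real field of `INFO server` output.
_VERSION_RE = re.compile(r"^redis_version:(\d+)\.(\d+)\.(\d+)", re.MULTILINE)


def parse_info_version(info_text: str):
    """Extract (major, minor, patch) from the redis_version field of INFO output.
    Returns None when the field is absent."""
    m = _VERSION_RE.search(info_text)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def is_patched(version) -> bool:
    """True if the version includes the fix for CVE-2023-25155.

    Branches listed in FIXED_VERSIONS are compared against their fixed release.
    Assumption (not stated on the page): branches newer than 7.0 were cut after
    the fix and therefore contain it; branches older than 6.0 never received it."""
    branch = tuple(version[:2])
    if branch in FIXED_VERSIONS:
        return tuple(version) >= FIXED_VERSIONS[branch]
    return branch > NEWEST_FIXED_BRANCH


def assess(info_text: str) -> dict:
    """Summarise exposure for one server from its INFO text."""
    version = parse_info_version(info_text)
    if version is None:
        return {"version": None, "patched": None, "note": "redis_version not found"}
    patched = is_patched(version)
    if patched:
        note = "fixed release"
    else:
        note = ("upgrade required; until then, review which authenticated users "
                "may run " + ", ".join(AFFECTED_COMMANDS))
    return {"version": ".".join(map(str, version)), "patched": patched, "note": note}


# Constructed sample of `INFO server` output (not captured from a real host).
SAMPLE_INFO = """# Server
redis_version:6.2.7
redis_mode:standalone
os:Linux 5.15.0 x86_64
"""

if __name__ == "__main__":
    print(assess(SAMPLE_INFO))
```

Feed `assess()` the text returned by `redis-cli INFO server` for each host; a `patched: False` result means the instance is still on a release the advisory lists as affected and should be scheduled for upgrade to 6.0.18, 6.2.11 or 7.0.9 (or later).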
The exploitation probability remains low, with an EPSS score peaking at approximately 0.06, indicating limited observed interest in active exploitation following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-29130
Vulnerability details
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.
- CWE(s): CWE-190 (Integer Overflow or Wraparound)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.