CVE-2024-46981

Redis es una base de datos en memoria de código abierto que persiste en el disco. Un usuario autenticado puede usar un script Lua especialmente manipulado para manipular el recolector de elementos no utilizados y potencialmente provocar la ejecución remota de código. El problema se solucionó en 7.4.2, 7.2.7 y 6.2.17. Un workaround adicional para mitigar el problema sin aplicar un parche al ejecutable redis-server es evitar que los usuarios ejecuten scripts Lua. Esto se puede hacer usando ACL para restringir los comandos EVAL y EVALSHA.

A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution.

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Redis Stack. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Lua module. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the service account.

It was discovered that Redis incorrectly handled certain memory operations during pattern matching. An attacker could possibly use this issue to cause a denial of service. It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Redis incorrectly handled some malformed ACL selectors. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.10 and Ubuntu 24.04 LTS.