Unrated severity · NVD Advisory · Published Jan 10, 2024 · Updated Jun 17, 2025
Redis vulnerable to integer overflow in certain payloads
CVE-2023-41056
Description
Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers, which can result in an integer overflow that leads to a heap overflow and potential remote code execution. This issue has been patched in versions 7.0.15 and 7.2.4.
Affected products (60)
osv-coords, 58 versions:
- pkg:apk/chainguard/redis-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-6.2-iamguarded-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-7.2-iamguarded-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-benchmark-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-benchmark-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-benchmark-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-check-aof-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-check-aof-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-check-rdb-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-check-rdb-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-cli-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-cli-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-cli-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-cluster-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-cluster-6.2-iamguarded-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-cluster-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-cluster-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-cluster-7.2-iamguarded-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-sentinel-6.2 (no CPE), range: < 0
- pkg:apk/chainguard/redis-sentinel-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-sentinel-6.2-iamguarded-compat (no CPE), range: < 0
- pkg:apk/chainguard/redis-sentinel-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-sentinel-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/chainguard/redis-sentinel-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/chainguard/redis-sentinel-7.2-iamguarded-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/wolfi/redis-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-benchmark-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-benchmark-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-benchmark-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-check-aof-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-check-aof-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-check-rdb-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-check-rdb-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-cli-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-cli-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-cli-7.2 (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-cluster-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/wolfi/redis-cluster-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-cluster-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:apk/wolfi/redis-sentinel-6.2 (no CPE), range: < 0
- pkg:apk/wolfi/redis-sentinel-6.2-bitnami-compat (no CPE), range: < 0
- pkg:apk/wolfi/redis-sentinel-7.0 (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-sentinel-7.0-bitnami-compat (no CPE), range: < 7.0.15-r0
- pkg:apk/wolfi/redis-sentinel-7.2-bitnami-compat (no CPE), range: < 7.2.4-r0
- pkg:bitnami/keydb (no CPE), range: >= 7.0.9, < 7.0.15
- pkg:bitnami/redis (no CPE), range: >= 7.0.9, < 7.0.15
- pkg:bitnami/valkey (no CPE), range: >= 7.0.9, < 7.0.15
- pkg:rpm/opensuse/redis&distro=openSUSE%20Tumbleweed (no CPE), range: < 7.2.4-1.1
References (6)
- github.com/redis/redis/releases/tag/7.0.15 (mitre, x_refsource_MISC)
- github.com/redis/redis/releases/tag/7.2.4 (mitre, x_refsource_MISC)
- github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m (mitre, x_refsource_CONFIRM)
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/ (mitre)
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/ (mitre)
- security.netapp.com/advisory/ntap-20240223-0003/ (mitre)
News mentions (1)
- GitLab Critical Security Release: 16.8.1, 16.7.4, 16.6.6, 16.5.8 (GitLab Security Releases · Jan 25, 2024)