Red Hat: CVE-2024-51741: redis: Redis allows denial-of-service due to malformed ACL selectors (Multiple Advisories)

Red Hat: CVE-2024-51741: redis: Redis allows denial-of-service due to malformed ACL selectors (Multiple Advisories)

Severity

4

CVSS

(AV:L/AC:L/Au:M/C:N/I:N/A:C)

Published

01/06/2025

Created

01/31/2025

Added

01/30/2025

Modified

01/30/2025

Description

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

Solution(s)

• redhat-upgrade-redis
• redhat-upgrade-redis-debuginfo
• redhat-upgrade-redis-debugsource
• redhat-upgrade-redis-devel
• redhat-upgrade-redis-doc

References

• CVE-2024-51741
• RHSA-2025:0692