发布于3月6日3月6日 Members Rocky Linux: CVE-2022-36021: redis-6 (RLSA-2025-0595) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/01/2023 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9. Solution(s) rocky-upgrade-redis rocky-upgrade-redis-debuginfo rocky-upgrade-redis-debugsource rocky-upgrade-redis-devel References https://attackerkb.com/topics/cve-2022-36021 CVE - 2022-36021 https://errata.rockylinux.org/RLSA-2025:0595
