CVE-2024-51741

CVE-2024-51741

Name

CVE-2024-51741

Description

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
CONFIRM	https://github.com/redis/redis/security/advisories/GHSA-prpq-rh5h-46g9

Type

URI

CONFIRM

https://github.com/redis/redis/security/advisories/GHSA-prpq-rh5h-46g9

CPE URI	Source package	Min version	Max version
	redis	>= 7.0.0	< 7.2.7
	redis	>= 7.4.0	< 7.4.2

CPE URI

Source package

Min version

Max version

redis

>= 7.0.0

< 7.2.7

redis

>= 7.4.0

< 7.4.2

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
valkey	edge-main	7.2.8-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
valkey	3.22-main	7.2.8-r0	None	fixed
valkey	3.21-main	7.2.8-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
valkey	3.20-main	7.2.8-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
redis	edge-community	7.2.7-r0	fossdd <fossdd@pwned.life>	fixed
redis	edge-community	7.2.5-r2	fossdd <fossdd@pwned.life>	possibly vulnerable
redis	edge-community	7.2.5-r1	TBK <alpine@jjtc.eu>	possibly vulnerable
redis	edge-community	7.2.5-r0	TBK <alpine@jjtc.eu>	possibly vulnerable
redis	edge-community	7.2.4-r1	TBK <alpine@jjtc.eu>	possibly vulnerable
redis	edge-community	7.2.4-r0	None	possibly vulnerable
redis	edge-community	7.2.2-r0	None	possibly vulnerable
redis	edge-community	7.2.1-r0	None	possibly vulnerable
redis	edge-community	7.0.8-r0	None	possibly vulnerable
redis	edge-community	7.0.6-r0	None	possibly vulnerable
redis	edge-community	7.0.5-r0	None	possibly vulnerable
redis	edge-community	7.0.4-r0	None	possibly vulnerable
redis	edge-community	7.0.12-r0	None	possibly vulnerable
redis	3.22-community	7.2.7-r0	None	fixed
redis	3.21-community	7.2.7-r0	fossdd <fossdd@pwned.life>	fixed
redis	3.19-main	7.2.7-r0	TBK <alpine@jjtc.eu>	fixed
redis	3.19-main	7.2.4-r1	TBK <alpine@jjtc.eu>	possibly vulnerable
redis	3.18-main	7.0.15-r2	TBK <alpine@jjtc.eu>	fixed
redict	edge-community	7.3.2-r0	fossdd <fossdd@pwned.life>	fixed
redict	3.22-community	7.3.2-r0	None	fixed
redict	3.21-community	7.3.2-r0	fossdd <fossdd@pwned.life>	fixed

Source package

Branch

Version

Maintainer

Status

valkey

edge-main

7.2.8-r0

Jakub Jirutka <jakub@jirutka.cz>

fixed

valkey

3.22-main