[Apollo] Advisories Statistics light light Login

RLSA-2025:19237

Security Mirrored from RHSA-2025:19237
Issued at: 2025-11-06
Updated at: 2025-11-13

Synopsis

Important: redis security update



Description

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

* redis: Lua library commands may lead to integer overflow and potential RCE (CVE-2025-46817)

* Redis: Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818)

* Redis: Redis is vulnerable to DoS via specially crafted LUA scripts (CVE-2025-46819)

* Redis: Redis Lua Use-After-Free may lead to remote code execution (CVE-2025-49844)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9.6 aarch64 Rocky Linux 9.6 ppc64le Rocky Linux 9.6 s390x Rocky Linux 9.6 x86_64

Fixes

2401258 2401292 2401322 2401324

CVEs

CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844

Affected packages

Rocky Linux 9.6 aarch64 - AppStream

redis-0:6.2.20-1.el9_6.aarch64.rpm redis-0:6.2.20-1.el9_6.src.rpm redis-debuginfo-0:6.2.20-1.el9_6.aarch64.rpm redis-debugsource-0:6.2.20-1.el9_6.aarch64.rpm redis-devel-0:6.2.20-1.el9_6.aarch64.rpm redis-doc-0:6.2.20-1.el9_6.noarch.rpm

Rocky Linux 9.6 ppc64le - AppStream

redis-0:6.2.20-1.el9_6.ppc64le.rpm redis-0:6.2.20-1.el9_6.src.rpm redis-debuginfo-0:6.2.20-1.el9_6.ppc64le.rpm redis-debugsource-0:6.2.20-1.el9_6.ppc64le.rpm redis-devel-0:6.2.20-1.el9_6.ppc64le.rpm redis-doc-0:6.2.20-1.el9_6.noarch.rpm

Rocky Linux 9.6 s390x - AppStream

redis-0:6.2.20-1.el9_6.s390x.rpm redis-0:6.2.20-1.el9_6.src.rpm redis-debuginfo-0:6.2.20-1.el9_6.s390x.rpm redis-debugsource-0:6.2.20-1.el9_6.s390x.rpm redis-devel-0:6.2.20-1.el9_6.s390x.rpm redis-doc-0:6.2.20-1.el9_6.noarch.rpm

Rocky Linux 9.6 x86_64 - AppStream

redis-0:6.2.20-1.el9_6.src.rpm redis-0:6.2.20-1.el9_6.x86_64.rpm redis-debuginfo-0:6.2.20-1.el9_6.x86_64.rpm redis-debugsource-0:6.2.20-1.el9_6.x86_64.rpm redis-devel-0:6.2.20-1.el9_6.i686.rpm redis-devel-0:6.2.20-1.el9_6.x86_64.rpm redis-doc-0:6.2.20-1.el9_6.noarch.rpm