PT-2023-6560 · Redis+10
Al2Klimov
Published 2023-10-18 · Updated 2026-05-18
CVE-2023-45145
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Redis versions prior to 6.2.14
Redis versions prior to 7.0.14
Redis versions prior to 7.2.2
Description
Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1.
Recommendations
For versions prior to 6.2.14, upgrade to version 6.2.14 or later.
For versions prior to 7.0.14, upgrade to version 7.0.14 or later.
For versions prior to 7.2.2, upgrade to version 7.2.2 or later.
As a temporary workaround, consider disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory.
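As an added example (not Redis project code), the following Python script reproduces the ordering problem described above: it binds a Unix socket and reads the socket file's mode before and after the chmod() step, first under the usual umask 0o022 and then under the restrictive umask 0o077 suggested as a workaround. The socket path, the 0o770 target permission and the helper names are constructed for this demo; it runs on Linux with the standard library only.

```python
import os
import socket
import stat
import tempfile


def _mode(path):
    """Permission bits of the file at `path` (type bits stripped)."""
    return stat.S_IMODE(os.stat(path).st_mode)


def bind_unix_socket(path, umask_value, wanted_perm=None):
    """Bind a Unix socket at `path` under `umask_value`, optionally chmod() it to
    `wanted_perm` afterwards (the configured-permission step), and return
    (mode right after bind, final mode). The first value is what every other
    local process sees during the window before chmod() has run."""
    old_umask = os.umask(umask_value)
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        srv.bind(path)                      # socket file is created with 0o777 & ~umask
        at_bind = _mode(path)
        if wanted_perm is not None:
            os.chmod(path, wanted_perm)     # second step; a permissive umask leaves a gap here
        return at_bind, _mode(path)
    finally:
        srv.close()
        if os.path.exists(path):
            os.unlink(path)
        os.umask(old_umask)


def compare_patterns():
    """Run the racy pattern (default umask 0o022) and the fixed pattern
    (restrictive umask 0o077 before bind) in a throwaway 0o700 directory,
    which is itself the 'protected directory' workaround. Returns
    (racy mode at bind, fixed mode at bind, fixed mode after chmod)."""
    workdir = tempfile.mkdtemp(prefix="sockdemo-")   # mkdtemp creates it mode 0o700
    path = os.path.join(workdir, "redis.sock")        # constructed path, not a real config
    try:
        racy_at_bind, _ = bind_unix_socket(path, 0o022, 0o770)
        fixed_at_bind, fixed_final = bind_unix_socket(path, 0o077, 0o770)
    finally:
        os.rmdir(workdir)
    return racy_at_bind, fixed_at_bind, fixed_final


if __name__ == "__main__":
    print([oct(m) for m in compare_patterns()])   # ['0o755', '0o700', '0o770']
```

With umask 0o022 the socket is world-connectable (0o755) from the moment bind() returns until chmod() runs; with umask 0o077 it starts at 0o700 and is only widened to the intended 0o770 afterwards, so there is no window in which an unintended client can connect.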
Exploit
Fix
Weakness Enumeration
Exposure of Resource to Wrong Sphere
Related identifiers
Affected products
Alt Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Red Hat
RED OS
Redis
Rocky Linux
SUSE
Ubuntu