PT-2025-3137 · Redis · RedisBloom
Gabriel Quadros +3
Published: 2024-07-18
Updated: 2025-01-09
CVE-2024-55656
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
RedisBloom versions prior to 2.2.19
RedisBloom versions prior to 2.4.12
RedisBloom versions prior to 2.6.14
RedisBloom versions prior to 2.8.2
Description
There is an integer overflow vulnerability in RedisBloom, a module used in Redis. It allows an attacker who is an authenticated Redis client (one who knows the password) to cause a heap allocation that is smaller than the required size because the size computation wraps around. As a result, reads and writes can reach beyond the allocated memory, leading to information leaks and out-of-bounds writes. The integer overflow is located in the CMS.INITBYDIM command, which initializes a Count-Min Sketch with dimensions specified by the user: it accepts two values, width and depth, and uses them to size the memory allocated in NewCMSketch().
Recommendations
For versions prior to 2.2.19, update to version 2.2.19 or later.
For versions prior to 2.4.12, update to version 2.4.12 or later.
For versions prior to 2.6.14, update to version 2.6.14 or later.
For versions prior to 2.8.2, update to version 2.8.2 or later.
As a temporary workaround, consider restricting access to the CMS.INITBYDIM command until the fixed version can be deployed. Avoid using the width and depth parameters in the CMS.INITBYDIM command to minimize the risk of exploitation.
Exploit · Fix · RCE · Integer Overflow · Heap Based Buffer Overflow
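To make the size-computation defect described above concrete, here is an added illustrative example in C. It is not RedisBloom's code: the struct layout, function names and the 32-bit counter type are assumptions. It places the unchecked width × depth × sizeof(counter) product, which wraps to a tiny value, beside a version that rejects any dimensions whose byte count cannot be represented.

```c
#include <stdint.h>
#include <stdlib.h>

/* Assumed sketch layout for illustration only; not RedisBloom's own struct. */
typedef struct {
    size_t width;
    size_t depth;
    uint32_t *array;   /* width * depth counters */
} Sketch;

/* Unchecked size computation, the pattern behind this bug class: when
 * width * depth exceeds SIZE_MAX the product wraps, the caller allocates far
 * fewer than width * depth counters, and later counter updates read and write
 * past the end of the buffer. */
static size_t unchecked_bytes(size_t width, size_t depth) {
    return width * depth * sizeof(uint32_t);
}

/* Hardened size computation: each multiplication is checked against SIZE_MAX
 * before it is performed. Returns 0 on success and -1 if a dimension is zero
 * or the byte count cannot be represented in a size_t. */
static int checked_bytes(size_t width, size_t depth, size_t *out) {
    if (width == 0 || depth == 0) return -1;
    if (depth > SIZE_MAX / width) return -1;                 /* width * depth wraps */
    size_t counters = width * depth;
    if (counters > SIZE_MAX / sizeof(uint32_t)) return -1;   /* counters * 4 wraps */
    *out = counters * sizeof(uint32_t);
    return 0;
}

/* Allocate a sketch only when the byte count is sound. A server should also
 * enforce an application-level maximum so a client cannot request gigabytes. */
static Sketch *sketch_new(size_t width, size_t depth) {
    size_t bytes;
    if (checked_bytes(width, depth, &bytes) != 0) return NULL;
    Sketch *s = calloc(1, sizeof *s);
    if (s == NULL) return NULL;
    s->array = calloc(width * depth, sizeof(uint32_t));  /* product verified above */
    if (s->array == NULL) { free(s); return NULL; }
    s->width = width;
    s->depth = depth;
    return s;
}

static void sketch_free(Sketch *s) {
    if (s != NULL) { free(s->array); free(s); }
}
```

On any platform, `unchecked_bytes(SIZE_MAX / 2 + 1, 2)` evaluates to 0, so an allocator would hand back an empty buffer for a sketch the code then treats as having 2^63 counters.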
Affected Products
Redisbloom