Red Hat Product Errata RHSA-2025:0566 - Security Advisory
Issued:
2025-01-21
Updated:
2025-01-21

RHSA-2025:0566 - Security Advisory

Synopsis

Important: redis:7 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

  • redis: Redis' Lua library commands may lead to remote code execution (CVE-2024-46981)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2336004 - CVE-2024-46981 redis: Redis' Lua library commands may lead to remote code execution

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
x86_64
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 70628f40b52ce52890e5074f86ba9bdbfe0b54d6312dc71edc28fc0aeed4ae27
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 8283c18fa4a45793de3807be073903425ab1a8fa863de198c0211577555d1bf1
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: b6406b1a8dfb7e9ade75d585fda23a17be497377e2dc0ff4d479087e7f1c7bdb
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 681908ef3375a8f4c1393c6a20720afeb52de4be0f9705ed031b29b6b8fdf3f5

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
x86_64
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 70628f40b52ce52890e5074f86ba9bdbfe0b54d6312dc71edc28fc0aeed4ae27
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 8283c18fa4a45793de3807be073903425ab1a8fa863de198c0211577555d1bf1
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: b6406b1a8dfb7e9ade75d585fda23a17be497377e2dc0ff4d479087e7f1c7bdb
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 681908ef3375a8f4c1393c6a20720afeb52de4be0f9705ed031b29b6b8fdf3f5

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
s390x
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: f8c41085642f3e4925acce55d19cc015bf103d3567578db5a4778568057e46f7
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: 072736f7c3da23f9388826a488ff4db93c5078e5c7f4104dd6cbcaec5bdc4928
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: a09c6f0f8054b8911aedaef72022172cccc658ef20da768896187b12a964b283
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: 1dbed6f29fd29ca0171adbb477e1d87b1745737e74900165db5f4a095ad39697

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
ppc64le
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: 196ae6e7f456f7c7982a3b7c40f0573f5f8b1263284a9a794c59567e9c1eb3a5
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: 06f9e2d15e0958263d9f3a48ec1b51d76c3eb7baef6c01f8c7534d72d6de3857
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: a87b66883ac0366a9848c1dae7450843e522c53615f5d279d14d337a46b9382d
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: dbb6f950c6051bec8d4f5980430cf33243d0a7b108285fd4c3b7e131c9c6a245

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
aarch64
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: fd2ab34d3cf4ed5d12b72c2c96b59d3e973155ba8dbba6da250f47773869a658
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: 3d6761a61b50d1d26418d5a966f47e69aa15a4fea723c1264417669357d659db
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: bf4845af8f3b41f3898d969940bcc2df5e662edeee9d826d10f037f7befdce51
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: d72c621f04f16bf90261a3a801acff6f07ec3de643bbea9d382b2bb08c635258
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
ppc64le
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: 196ae6e7f456f7c7982a3b7c40f0573f5f8b1263284a9a794c59567e9c1eb3a5
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: 06f9e2d15e0958263d9f3a48ec1b51d76c3eb7baef6c01f8c7534d72d6de3857
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: a87b66883ac0366a9848c1dae7450843e522c53615f5d279d14d337a46b9382d
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.ppc64le.rpm SHA-256: dbb6f950c6051bec8d4f5980430cf33243d0a7b108285fd4c3b7e131c9c6a245

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
x86_64
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 70628f40b52ce52890e5074f86ba9bdbfe0b54d6312dc71edc28fc0aeed4ae27
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 8283c18fa4a45793de3807be073903425ab1a8fa863de198c0211577555d1bf1
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: b6406b1a8dfb7e9ade75d585fda23a17be497377e2dc0ff4d479087e7f1c7bdb
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.x86_64.rpm SHA-256: 681908ef3375a8f4c1393c6a20720afeb52de4be0f9705ed031b29b6b8fdf3f5

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
aarch64
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: fd2ab34d3cf4ed5d12b72c2c96b59d3e973155ba8dbba6da250f47773869a658
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: 3d6761a61b50d1d26418d5a966f47e69aa15a4fea723c1264417669357d659db
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: bf4845af8f3b41f3898d969940bcc2df5e662edeee9d826d10f037f7befdce51
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.aarch64.rpm SHA-256: d72c621f04f16bf90261a3a801acff6f07ec3de643bbea9d382b2bb08c635258
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.src.rpm SHA-256: cd5ec838c80fdb23a35388c19ee2c6bc003161c1ab5041dc94c26eeb3e615f23
s390x
redis-doc-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.noarch.rpm SHA-256: 0cc01e870ec51b004be47dc6d07701327a7bb94aa059333bcba0be89df6bc630
redis-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: f8c41085642f3e4925acce55d19cc015bf103d3567578db5a4778568057e46f7
redis-debuginfo-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: 072736f7c3da23f9388826a488ff4db93c5078e5c7f4104dd6cbcaec5bdc4928
redis-debugsource-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: a09c6f0f8054b8911aedaef72022172cccc658ef20da768896187b12a964b283
redis-devel-7.0.12-1.module+el9.4.0+22724+5f7cf862.2.s390x.rpm SHA-256: 1dbed6f29fd29ca0171adbb477e1d87b1745737e74900165db5f4a095ad39697

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.