Issued:: 2025-01-27
Updated:: 2025-01-27

RHSA-2025:0692 - Security Advisory

Overview
Updated Packages

Synopsis

Important: redis:7 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

redis: Redis' Lua library commands may lead to remote code execution (CVE-2024-46981)
redis: Redis allows denial-of-service due to malformed ACL selectors (CVE-2024-51741)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

BZ - 2336004 - CVE-2024-46981 redis: Redis' Lua library commands may lead to remote code execution
BZ - 2336007 - CVE-2024-51741 redis: Redis allows denial-of-service due to malformed ACL selectors

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
x86_64
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: f60ef74546f2c087efa48072ef6a0df0b4a25ee1d54e7c9a0b91e374329aa33d
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: b09b9003390ddb37812caced9339caeaa407ab59fcae272856d4129dce380f71
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: 044d0b65bd63f5b2577c2c6c4196fb65d389394772e5c6e32b1ea5805d71f6eb
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: be85b92cdce89eb7efdf924e1e771d9348bce4fe44f5a795389dd46cbdaf8546
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
x86_64
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: f60ef74546f2c087efa48072ef6a0df0b4a25ee1d54e7c9a0b91e374329aa33d
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: b09b9003390ddb37812caced9339caeaa407ab59fcae272856d4129dce380f71
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: 044d0b65bd63f5b2577c2c6c4196fb65d389394772e5c6e32b1ea5805d71f6eb
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: be85b92cdce89eb7efdf924e1e771d9348bce4fe44f5a795389dd46cbdaf8546
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
x86_64
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: f60ef74546f2c087efa48072ef6a0df0b4a25ee1d54e7c9a0b91e374329aa33d
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: b09b9003390ddb37812caced9339caeaa407ab59fcae272856d4129dce380f71
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: 044d0b65bd63f5b2577c2c6c4196fb65d389394772e5c6e32b1ea5805d71f6eb
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: be85b92cdce89eb7efdf924e1e771d9348bce4fe44f5a795389dd46cbdaf8546
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
s390x
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 1b11c6ae1d57ed37778f53908a1662da957c5879cff8af5d1d76c6671aa1f47e
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 18c547f0999cbfbc34059c4d09057aa278a6d5bd247893fda2a544273b7bfe34
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: b064bfa5977bc1ab941f4228d2d087aec3cc5eab5fe8b1db8464a2c8d7bd7cf5
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 40aa58346a68a5eb6f17624ff04b1a307590e828f227c36b3bd42433644c1665

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
s390x
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 1b11c6ae1d57ed37778f53908a1662da957c5879cff8af5d1d76c6671aa1f47e
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 18c547f0999cbfbc34059c4d09057aa278a6d5bd247893fda2a544273b7bfe34
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: b064bfa5977bc1ab941f4228d2d087aec3cc5eab5fe8b1db8464a2c8d7bd7cf5
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 40aa58346a68a5eb6f17624ff04b1a307590e828f227c36b3bd42433644c1665

Red Hat Enterprise Linux for Power, little endian 9

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
ppc64le
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: f5d3a857d1c23a35945c134554657ea92c76b6b802770a55713c9d60ad72ad59
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 9eb95202a838aa247398e74280f441428a359eee24ddb904d89eae6efe88872c
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: e3e79dd499e619d5be6a9082fd33f62579d3344ecbb97c0fe877ac7dac5c8b97
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 3b99dc2f7cb952676a34f86014af8734eae1992f16a14321d8101d5891a57dfa

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
ppc64le
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: f5d3a857d1c23a35945c134554657ea92c76b6b802770a55713c9d60ad72ad59
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 9eb95202a838aa247398e74280f441428a359eee24ddb904d89eae6efe88872c
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: e3e79dd499e619d5be6a9082fd33f62579d3344ecbb97c0fe877ac7dac5c8b97
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 3b99dc2f7cb952676a34f86014af8734eae1992f16a14321d8101d5891a57dfa

Red Hat Enterprise Linux for ARM 64 9

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
aarch64
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: e04c36b4007deafb98fcf884622a8c9619c12d8ad1c1e1da4932ebdf53494131
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 336ea05e67d10c3dd3be5f71176635ee716d6423f9711a510668678e52595b76
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 08929f443d7b20288b82879681eebc52e816fcba4b9858a50882f7e0750caffc
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: a4445a797713052914e93b4b5cdcbb3de161a4762dfe98de2393b97706d4587a

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
aarch64
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: e04c36b4007deafb98fcf884622a8c9619c12d8ad1c1e1da4932ebdf53494131
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 336ea05e67d10c3dd3be5f71176635ee716d6423f9711a510668678e52595b76
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 08929f443d7b20288b82879681eebc52e816fcba4b9858a50882f7e0750caffc
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: a4445a797713052914e93b4b5cdcbb3de161a4762dfe98de2393b97706d4587a

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
ppc64le
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: f5d3a857d1c23a35945c134554657ea92c76b6b802770a55713c9d60ad72ad59
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 9eb95202a838aa247398e74280f441428a359eee24ddb904d89eae6efe88872c
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: e3e79dd499e619d5be6a9082fd33f62579d3344ecbb97c0fe877ac7dac5c8b97
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.ppc64le.rpm	SHA-256: 3b99dc2f7cb952676a34f86014af8734eae1992f16a14321d8101d5891a57dfa

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
x86_64
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: f60ef74546f2c087efa48072ef6a0df0b4a25ee1d54e7c9a0b91e374329aa33d
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: b09b9003390ddb37812caced9339caeaa407ab59fcae272856d4129dce380f71
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: 044d0b65bd63f5b2577c2c6c4196fb65d389394772e5c6e32b1ea5805d71f6eb
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.x86_64.rpm	SHA-256: be85b92cdce89eb7efdf924e1e771d9348bce4fe44f5a795389dd46cbdaf8546
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
aarch64
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: e04c36b4007deafb98fcf884622a8c9619c12d8ad1c1e1da4932ebdf53494131
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 336ea05e67d10c3dd3be5f71176635ee716d6423f9711a510668678e52595b76
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: 08929f443d7b20288b82879681eebc52e816fcba4b9858a50882f7e0750caffc
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.aarch64.rpm	SHA-256: a4445a797713052914e93b4b5cdcbb3de161a4762dfe98de2393b97706d4587a

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.src.rpm	SHA-256: 129c3d7be3445049b3d3b16ed84f2c3e9c4e76595655517136971c6a909a0929
s390x
redis-doc-7.2.7-1.module+el9.5.0+22705+3d861c1c.noarch.rpm	SHA-256: 91407aead274ca4013ea2633c8a5d254ef5e4ad849e462cd3cf15cbe3c4d7f66
redis-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 1b11c6ae1d57ed37778f53908a1662da957c5879cff8af5d1d76c6671aa1f47e
redis-debuginfo-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 18c547f0999cbfbc34059c4d09057aa278a6d5bd247893fda2a544273b7bfe34
redis-debugsource-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: b064bfa5977bc1ab941f4228d2d087aec3cc5eab5fe8b1db8464a2c8d7bd7cf5
redis-devel-7.2.7-1.module+el9.5.0+22705+3d861c1c.s390x.rpm	SHA-256: 40aa58346a68a5eb6f17624ff04b1a307590e828f227c36b3bd42433644c1665

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation