Red Hat Product Errata RHSA-2025:11401 - Security Advisory
Issued:
2025-07-21
Updated:
2025-07-21

RHSA-2025:11401 - Security Advisory

Synopsis

Important: valkey security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for valkey is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.

Security Fix(es):

  • redis: Redis Stack Buffer Overflow (CVE-2025-27151)
  • redis: Redis Unauthenticated Denial of Service (CVE-2025-48367)
  • redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability (CVE-2025-32023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 10 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 10 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

  • BZ - 2369153 - CVE-2025-27151 redis: Redis Stack Buffer Overflow

Red Hat Enterprise Linux for x86_64 10

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
x86_64
valkey-8.0.4-1.el10_0.x86_64.rpm SHA-256: 5d4e7883e093d81f1e4b825fcc74ff01d4abe4274fd5efc4a1c7ca13d1f9ca85
valkey-debuginfo-8.0.4-1.el10_0.x86_64.rpm SHA-256: 3f76f02119be70c4c24320ccbd76295a3be9ad24c02686211856b4a0c4beb746
valkey-debugsource-8.0.4-1.el10_0.x86_64.rpm SHA-256: 26037b68a335a64ed09347e81305dab49b39a7841f3b3679337b67b61eacafde
valkey-devel-8.0.4-1.el10_0.x86_64.rpm SHA-256: 4472f6c1f871ae5e84bc4d4e7f6b7ed5f31bb75b07c5cfc765d9dc830504d3c3

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
x86_64
valkey-8.0.4-1.el10_0.x86_64.rpm SHA-256: 5d4e7883e093d81f1e4b825fcc74ff01d4abe4274fd5efc4a1c7ca13d1f9ca85
valkey-debuginfo-8.0.4-1.el10_0.x86_64.rpm SHA-256: 3f76f02119be70c4c24320ccbd76295a3be9ad24c02686211856b4a0c4beb746
valkey-debugsource-8.0.4-1.el10_0.x86_64.rpm SHA-256: 26037b68a335a64ed09347e81305dab49b39a7841f3b3679337b67b61eacafde
valkey-devel-8.0.4-1.el10_0.x86_64.rpm SHA-256: 4472f6c1f871ae5e84bc4d4e7f6b7ed5f31bb75b07c5cfc765d9dc830504d3c3

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
s390x
valkey-8.0.4-1.el10_0.s390x.rpm SHA-256: f791ea5520d1d70d38503c801aaa65066bc7b1d1ef6caae214f9f91986c54d2f
valkey-debuginfo-8.0.4-1.el10_0.s390x.rpm SHA-256: a59817a8ae9ed93a711161d1ad7d1ba019786995743d686ad1b45035a6559e9b
valkey-debugsource-8.0.4-1.el10_0.s390x.rpm SHA-256: 7c7b6f95189d2885c6f2fadb4cadcced134ee8bde9347581d5780f98df9ec535
valkey-devel-8.0.4-1.el10_0.s390x.rpm SHA-256: dd7e2b26b2fec5683de7f4101bec03182ad092d836d4d8e7eb347c178482d029

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
s390x
valkey-8.0.4-1.el10_0.s390x.rpm SHA-256: f791ea5520d1d70d38503c801aaa65066bc7b1d1ef6caae214f9f91986c54d2f
valkey-debuginfo-8.0.4-1.el10_0.s390x.rpm SHA-256: a59817a8ae9ed93a711161d1ad7d1ba019786995743d686ad1b45035a6559e9b
valkey-debugsource-8.0.4-1.el10_0.s390x.rpm SHA-256: 7c7b6f95189d2885c6f2fadb4cadcced134ee8bde9347581d5780f98df9ec535
valkey-devel-8.0.4-1.el10_0.s390x.rpm SHA-256: dd7e2b26b2fec5683de7f4101bec03182ad092d836d4d8e7eb347c178482d029

Red Hat Enterprise Linux for Power, little endian 10

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
ppc64le
valkey-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 91afe8c82fc4738fdacb8765530a6afa3c9d3c8784cc519aa9db7ce69265c4ee
valkey-debuginfo-8.0.4-1.el10_0.ppc64le.rpm SHA-256: fa7fe81828fa1f11699b0ae69de7fc8a0236f9c6a6140a05699a9fdb6e38c789
valkey-debugsource-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 293a7547d4f39dcb6608209035446df2eb2b5b2551f84d0f29cc2d453975c1f1
valkey-devel-8.0.4-1.el10_0.ppc64le.rpm SHA-256: f9325e861c1ed2305429c45ae00056c37fdcbef31eea1df6e22e8534c1862d03

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
ppc64le
valkey-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 91afe8c82fc4738fdacb8765530a6afa3c9d3c8784cc519aa9db7ce69265c4ee
valkey-debuginfo-8.0.4-1.el10_0.ppc64le.rpm SHA-256: fa7fe81828fa1f11699b0ae69de7fc8a0236f9c6a6140a05699a9fdb6e38c789
valkey-debugsource-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 293a7547d4f39dcb6608209035446df2eb2b5b2551f84d0f29cc2d453975c1f1
valkey-devel-8.0.4-1.el10_0.ppc64le.rpm SHA-256: f9325e861c1ed2305429c45ae00056c37fdcbef31eea1df6e22e8534c1862d03

Red Hat Enterprise Linux for ARM 64 10

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
aarch64
valkey-8.0.4-1.el10_0.aarch64.rpm SHA-256: e5326beb7fe6360e82bae2dc01f9b7b6da94601f02916c65225dd571d9aacac7
valkey-debuginfo-8.0.4-1.el10_0.aarch64.rpm SHA-256: 4a4ec4bf9a3c1e6777201072ad2dfb5a2fe4017e275b067d51dac006308cad55
valkey-debugsource-8.0.4-1.el10_0.aarch64.rpm SHA-256: 966bfeec4eff5bc75fa004c9516d45f55249e89192945797d7377f75afaf7338
valkey-devel-8.0.4-1.el10_0.aarch64.rpm SHA-256: 588a471d60eb5487e648f226c7c73a7d477a9f613ceb35c3ebb90a8bee30e1f1

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
aarch64
valkey-8.0.4-1.el10_0.aarch64.rpm SHA-256: e5326beb7fe6360e82bae2dc01f9b7b6da94601f02916c65225dd571d9aacac7
valkey-debuginfo-8.0.4-1.el10_0.aarch64.rpm SHA-256: 4a4ec4bf9a3c1e6777201072ad2dfb5a2fe4017e275b067d51dac006308cad55
valkey-debugsource-8.0.4-1.el10_0.aarch64.rpm SHA-256: 966bfeec4eff5bc75fa004c9516d45f55249e89192945797d7377f75afaf7338
valkey-devel-8.0.4-1.el10_0.aarch64.rpm SHA-256: 588a471d60eb5487e648f226c7c73a7d477a9f613ceb35c3ebb90a8bee30e1f1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
aarch64
valkey-8.0.4-1.el10_0.aarch64.rpm SHA-256: e5326beb7fe6360e82bae2dc01f9b7b6da94601f02916c65225dd571d9aacac7
valkey-debuginfo-8.0.4-1.el10_0.aarch64.rpm SHA-256: 4a4ec4bf9a3c1e6777201072ad2dfb5a2fe4017e275b067d51dac006308cad55
valkey-debugsource-8.0.4-1.el10_0.aarch64.rpm SHA-256: 966bfeec4eff5bc75fa004c9516d45f55249e89192945797d7377f75afaf7338
valkey-devel-8.0.4-1.el10_0.aarch64.rpm SHA-256: 588a471d60eb5487e648f226c7c73a7d477a9f613ceb35c3ebb90a8bee30e1f1

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
s390x
valkey-8.0.4-1.el10_0.s390x.rpm SHA-256: f791ea5520d1d70d38503c801aaa65066bc7b1d1ef6caae214f9f91986c54d2f
valkey-debuginfo-8.0.4-1.el10_0.s390x.rpm SHA-256: a59817a8ae9ed93a711161d1ad7d1ba019786995743d686ad1b45035a6559e9b
valkey-debugsource-8.0.4-1.el10_0.s390x.rpm SHA-256: 7c7b6f95189d2885c6f2fadb4cadcced134ee8bde9347581d5780f98df9ec535
valkey-devel-8.0.4-1.el10_0.s390x.rpm SHA-256: dd7e2b26b2fec5683de7f4101bec03182ad092d836d4d8e7eb347c178482d029

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
ppc64le
valkey-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 91afe8c82fc4738fdacb8765530a6afa3c9d3c8784cc519aa9db7ce69265c4ee
valkey-debuginfo-8.0.4-1.el10_0.ppc64le.rpm SHA-256: fa7fe81828fa1f11699b0ae69de7fc8a0236f9c6a6140a05699a9fdb6e38c789
valkey-debugsource-8.0.4-1.el10_0.ppc64le.rpm SHA-256: 293a7547d4f39dcb6608209035446df2eb2b5b2551f84d0f29cc2d453975c1f1
valkey-devel-8.0.4-1.el10_0.ppc64le.rpm SHA-256: f9325e861c1ed2305429c45ae00056c37fdcbef31eea1df6e22e8534c1862d03

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
valkey-8.0.4-1.el10_0.src.rpm SHA-256: f775602a90865ae88cb9a57e5b3a617457505e14bf0487b7bb8f346b00055299
x86_64
valkey-8.0.4-1.el10_0.x86_64.rpm SHA-256: 5d4e7883e093d81f1e4b825fcc74ff01d4abe4274fd5efc4a1c7ca13d1f9ca85
valkey-debuginfo-8.0.4-1.el10_0.x86_64.rpm SHA-256: 3f76f02119be70c4c24320ccbd76295a3be9ad24c02686211856b4a0c4beb746
valkey-debugsource-8.0.4-1.el10_0.x86_64.rpm SHA-256: 26037b68a335a64ed09347e81305dab49b39a7841f3b3679337b67b61eacafde
valkey-devel-8.0.4-1.el10_0.x86_64.rpm SHA-256: 4472f6c1f871ae5e84bc4d4e7f6b7ed5f31bb75b07c5cfc765d9dc830504d3c3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.