红帽产品勘误 RHSA-2025:19237 - Security Advisory
发布:
2025-10-29
已更新:
2025-10-29

RHSA-2025:19237 - Security Advisory

概述

Important: redis security update

类型/严重性

Security Advisory: Important

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for redis is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

  • redis: Lua library commands may lead to integer overflow and potential RCE (CVE-2025-46817)
  • Redis: Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818)
  • Redis: Redis is vulnerable to DoS via specially crafted LUA scripts (CVE-2025-46819)
  • Redis: Redis Lua Use-After-Free may lead to remote code execution (CVE-2025-49844)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

修复

  • BZ - 2401258 - CVE-2025-46817 redis: Lua library commands may lead to integer overflow and potential RCE
  • BZ - 2401292 - CVE-2025-46818 Redis: Redis: Authenticated users can execute LUA scripts as a different user
  • BZ - 2401322 - CVE-2025-46819 Redis: Redis is vulnerable to DoS via specially crafted LUA scripts
  • BZ - 2401324 - CVE-2025-49844 Redis: Redis Lua Use-After-Free may lead to remote code execution

Red Hat Enterprise Linux for x86_64 9

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
x86_64
redis-6.2.20-1.el9_6.x86_64.rpm SHA-256: da23d47ce1eeef07788c96559a728d04ce3af261da1a8bca7b3c0c1cec8d8942
redis-debuginfo-6.2.20-1.el9_6.i686.rpm SHA-256: 234a65e4dacdbe304aec7ac930bbc8ba529a1b15c729f153fbb320afdc3a8fe4
redis-debuginfo-6.2.20-1.el9_6.x86_64.rpm SHA-256: 87c94ccf61d2b4826682cb1151ff08c85efa1a5e5dccd77feb8682ed4b4bad95
redis-debugsource-6.2.20-1.el9_6.i686.rpm SHA-256: 1890f961b9bd88b7f7d4e1ebffbc234d3db3a9d9f029b8461fb73df154ccad91
redis-debugsource-6.2.20-1.el9_6.x86_64.rpm SHA-256: 8e6e9257218388e4d17fc7a75554f6df6954341fba7a0296697309fe923a33e3
redis-devel-6.2.20-1.el9_6.i686.rpm SHA-256: d91f32ef1f09d14fcc6afb462abc41f2db26a363eb0f54db8665068416668930
redis-devel-6.2.20-1.el9_6.x86_64.rpm SHA-256: c9bd3ce32e21699d8085381c342e53661ebdd8f7a670db1ec2b0032ff4530dfa
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
x86_64
redis-6.2.20-1.el9_6.x86_64.rpm SHA-256: da23d47ce1eeef07788c96559a728d04ce3af261da1a8bca7b3c0c1cec8d8942
redis-debuginfo-6.2.20-1.el9_6.i686.rpm SHA-256: 234a65e4dacdbe304aec7ac930bbc8ba529a1b15c729f153fbb320afdc3a8fe4
redis-debuginfo-6.2.20-1.el9_6.x86_64.rpm SHA-256: 87c94ccf61d2b4826682cb1151ff08c85efa1a5e5dccd77feb8682ed4b4bad95
redis-debugsource-6.2.20-1.el9_6.i686.rpm SHA-256: 1890f961b9bd88b7f7d4e1ebffbc234d3db3a9d9f029b8461fb73df154ccad91
redis-debugsource-6.2.20-1.el9_6.x86_64.rpm SHA-256: 8e6e9257218388e4d17fc7a75554f6df6954341fba7a0296697309fe923a33e3
redis-devel-6.2.20-1.el9_6.i686.rpm SHA-256: d91f32ef1f09d14fcc6afb462abc41f2db26a363eb0f54db8665068416668930
redis-devel-6.2.20-1.el9_6.x86_64.rpm SHA-256: c9bd3ce32e21699d8085381c342e53661ebdd8f7a670db1ec2b0032ff4530dfa
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
x86_64
redis-6.2.20-1.el9_6.x86_64.rpm SHA-256: da23d47ce1eeef07788c96559a728d04ce3af261da1a8bca7b3c0c1cec8d8942
redis-debuginfo-6.2.20-1.el9_6.i686.rpm SHA-256: 234a65e4dacdbe304aec7ac930bbc8ba529a1b15c729f153fbb320afdc3a8fe4
redis-debuginfo-6.2.20-1.el9_6.x86_64.rpm SHA-256: 87c94ccf61d2b4826682cb1151ff08c85efa1a5e5dccd77feb8682ed4b4bad95
redis-debugsource-6.2.20-1.el9_6.i686.rpm SHA-256: 1890f961b9bd88b7f7d4e1ebffbc234d3db3a9d9f029b8461fb73df154ccad91
redis-debugsource-6.2.20-1.el9_6.x86_64.rpm SHA-256: 8e6e9257218388e4d17fc7a75554f6df6954341fba7a0296697309fe923a33e3
redis-devel-6.2.20-1.el9_6.i686.rpm SHA-256: d91f32ef1f09d14fcc6afb462abc41f2db26a363eb0f54db8665068416668930
redis-devel-6.2.20-1.el9_6.x86_64.rpm SHA-256: c9bd3ce32e21699d8085381c342e53661ebdd8f7a670db1ec2b0032ff4530dfa
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
s390x
redis-6.2.20-1.el9_6.s390x.rpm SHA-256: 0caa449c7368e24175c527b0ff867acfbe848f6d2e322d0a312a559b9bf9bb20
redis-debuginfo-6.2.20-1.el9_6.s390x.rpm SHA-256: 7ecf63da1dadb629ebfa43a3e256e360c244db41f5bfdf9c0a2d5015608c991f
redis-debugsource-6.2.20-1.el9_6.s390x.rpm SHA-256: 8094358a88bf1d0f7a6ac5e29d6391865c4146f70e2c87641871c0b7b993473a
redis-devel-6.2.20-1.el9_6.s390x.rpm SHA-256: 0542bedcc44ea5000daf886a14aace702f8f36cc79d4d564b2e957c61145794f
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
s390x
redis-6.2.20-1.el9_6.s390x.rpm SHA-256: 0caa449c7368e24175c527b0ff867acfbe848f6d2e322d0a312a559b9bf9bb20
redis-debuginfo-6.2.20-1.el9_6.s390x.rpm SHA-256: 7ecf63da1dadb629ebfa43a3e256e360c244db41f5bfdf9c0a2d5015608c991f
redis-debugsource-6.2.20-1.el9_6.s390x.rpm SHA-256: 8094358a88bf1d0f7a6ac5e29d6391865c4146f70e2c87641871c0b7b993473a
redis-devel-6.2.20-1.el9_6.s390x.rpm SHA-256: 0542bedcc44ea5000daf886a14aace702f8f36cc79d4d564b2e957c61145794f
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for Power, little endian 9

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
ppc64le
redis-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 892bf679d22508ebdde4dababc7a6d880405f1cc5f63965bf51e9f4b8bff533c
redis-debuginfo-6.2.20-1.el9_6.ppc64le.rpm SHA-256: f00ccd994fd04dd952a07718bd9f5bd257b84e1fe1b3b0e68231402978000a09
redis-debugsource-6.2.20-1.el9_6.ppc64le.rpm SHA-256: afa95b5a0ed33f05a9ededb32e608900f4c19c236f7c33f7ba5738b36c6c88be
redis-devel-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 203032a7335f675c1a6c368ddb4747117842242d3e28fa6fa92d1f2a7f3d81e4
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
ppc64le
redis-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 892bf679d22508ebdde4dababc7a6d880405f1cc5f63965bf51e9f4b8bff533c
redis-debuginfo-6.2.20-1.el9_6.ppc64le.rpm SHA-256: f00ccd994fd04dd952a07718bd9f5bd257b84e1fe1b3b0e68231402978000a09
redis-debugsource-6.2.20-1.el9_6.ppc64le.rpm SHA-256: afa95b5a0ed33f05a9ededb32e608900f4c19c236f7c33f7ba5738b36c6c88be
redis-devel-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 203032a7335f675c1a6c368ddb4747117842242d3e28fa6fa92d1f2a7f3d81e4
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for ARM 64 9

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
aarch64
redis-6.2.20-1.el9_6.aarch64.rpm SHA-256: 4a838a907f6fd83237f975edeae076554d91d594ae781ecfde99dec6ce775b2e
redis-debuginfo-6.2.20-1.el9_6.aarch64.rpm SHA-256: 45a697146195a1a200bfbb31366a144e78186fba2f70388a6086841c8fa6915c
redis-debugsource-6.2.20-1.el9_6.aarch64.rpm SHA-256: 2002354a4ddb3c0a14f3878aabf3f909c3f1d422f1d361a3652ca09c7f664c21
redis-devel-6.2.20-1.el9_6.aarch64.rpm SHA-256: 559d6c94b00094c6ce047be30ecbb144abc350e26ed4193e2694069eb667a459
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
aarch64
redis-6.2.20-1.el9_6.aarch64.rpm SHA-256: 4a838a907f6fd83237f975edeae076554d91d594ae781ecfde99dec6ce775b2e
redis-debuginfo-6.2.20-1.el9_6.aarch64.rpm SHA-256: 45a697146195a1a200bfbb31366a144e78186fba2f70388a6086841c8fa6915c
redis-debugsource-6.2.20-1.el9_6.aarch64.rpm SHA-256: 2002354a4ddb3c0a14f3878aabf3f909c3f1d422f1d361a3652ca09c7f664c21
redis-devel-6.2.20-1.el9_6.aarch64.rpm SHA-256: 559d6c94b00094c6ce047be30ecbb144abc350e26ed4193e2694069eb667a459
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
ppc64le
redis-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 892bf679d22508ebdde4dababc7a6d880405f1cc5f63965bf51e9f4b8bff533c
redis-debuginfo-6.2.20-1.el9_6.ppc64le.rpm SHA-256: f00ccd994fd04dd952a07718bd9f5bd257b84e1fe1b3b0e68231402978000a09
redis-debugsource-6.2.20-1.el9_6.ppc64le.rpm SHA-256: afa95b5a0ed33f05a9ededb32e608900f4c19c236f7c33f7ba5738b36c6c88be
redis-devel-6.2.20-1.el9_6.ppc64le.rpm SHA-256: 203032a7335f675c1a6c368ddb4747117842242d3e28fa6fa92d1f2a7f3d81e4
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
x86_64
redis-6.2.20-1.el9_6.x86_64.rpm SHA-256: da23d47ce1eeef07788c96559a728d04ce3af261da1a8bca7b3c0c1cec8d8942
redis-debuginfo-6.2.20-1.el9_6.i686.rpm SHA-256: 234a65e4dacdbe304aec7ac930bbc8ba529a1b15c729f153fbb320afdc3a8fe4
redis-debuginfo-6.2.20-1.el9_6.x86_64.rpm SHA-256: 87c94ccf61d2b4826682cb1151ff08c85efa1a5e5dccd77feb8682ed4b4bad95
redis-debugsource-6.2.20-1.el9_6.i686.rpm SHA-256: 1890f961b9bd88b7f7d4e1ebffbc234d3db3a9d9f029b8461fb73df154ccad91
redis-debugsource-6.2.20-1.el9_6.x86_64.rpm SHA-256: 8e6e9257218388e4d17fc7a75554f6df6954341fba7a0296697309fe923a33e3
redis-devel-6.2.20-1.el9_6.i686.rpm SHA-256: d91f32ef1f09d14fcc6afb462abc41f2db26a363eb0f54db8665068416668930
redis-devel-6.2.20-1.el9_6.x86_64.rpm SHA-256: c9bd3ce32e21699d8085381c342e53661ebdd8f7a670db1ec2b0032ff4530dfa
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
aarch64
redis-6.2.20-1.el9_6.aarch64.rpm SHA-256: 4a838a907f6fd83237f975edeae076554d91d594ae781ecfde99dec6ce775b2e
redis-debuginfo-6.2.20-1.el9_6.aarch64.rpm SHA-256: 45a697146195a1a200bfbb31366a144e78186fba2f70388a6086841c8fa6915c
redis-debugsource-6.2.20-1.el9_6.aarch64.rpm SHA-256: 2002354a4ddb3c0a14f3878aabf3f909c3f1d422f1d361a3652ca09c7f664c21
redis-devel-6.2.20-1.el9_6.aarch64.rpm SHA-256: 559d6c94b00094c6ce047be30ecbb144abc350e26ed4193e2694069eb667a459
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
redis-6.2.20-1.el9_6.src.rpm SHA-256: c6e1acdd5a5b86ed8b9913b08c7e187fae505b7d1cb893812135cc94335b00cb
s390x
redis-6.2.20-1.el9_6.s390x.rpm SHA-256: 0caa449c7368e24175c527b0ff867acfbe848f6d2e322d0a312a559b9bf9bb20
redis-debuginfo-6.2.20-1.el9_6.s390x.rpm SHA-256: 7ecf63da1dadb629ebfa43a3e256e360c244db41f5bfdf9c0a2d5015608c991f
redis-debugsource-6.2.20-1.el9_6.s390x.rpm SHA-256: 8094358a88bf1d0f7a6ac5e29d6391865c4146f70e2c87641871c0b7b993473a
redis-devel-6.2.20-1.el9_6.s390x.rpm SHA-256: 0542bedcc44ea5000daf886a14aace702f8f36cc79d4d564b2e957c61145794f
redis-doc-6.2.20-1.el9_6.noarch.rpm SHA-256: 8674bc3f295fa86b36355656fc5d91af883a1e63d214b454e3424c7cced97240

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/