Red Hat Product Errata RHSA-2025:4607 - Security Advisory
Issued:
2025-05-07
Updated:
2025-05-07

RHSA-2025:4607 - Security Advisory

Synopsis

Important: redis:6 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

  • redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (CVE-2025-21605)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2361883 - CVE-2025-21605 redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
x86_64
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 647160d475bc85722cf261622d4ba917f588b599aada2cbf7c37aea7a6f0bc84
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: c5a2dc64a9e95995ed0c163ed52c9ea8b21222178c627008ff05c489bda42f16
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 7f3ed8835e4a10453384fe073eb564391087be14623c18450f54048b7803ce1f
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 2917d30c9e44868fbfcccb5e04959d6f9954e5632e984a2315c389cfdb190306
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
x86_64
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 647160d475bc85722cf261622d4ba917f588b599aada2cbf7c37aea7a6f0bc84
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: c5a2dc64a9e95995ed0c163ed52c9ea8b21222178c627008ff05c489bda42f16
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 7f3ed8835e4a10453384fe073eb564391087be14623c18450f54048b7803ce1f
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 2917d30c9e44868fbfcccb5e04959d6f9954e5632e984a2315c389cfdb190306
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
s390x
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.s390x.rpm SHA-256: 6f2cb44c82bcc37e7ad75b87680c28d8fec7180dc0ccd26626f981f2d41719ba
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.s390x.rpm SHA-256: afc9bb4c60af05be4819f9a520560488537ce4a12c8622e205ba191fcbd8947b
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.s390x.rpm SHA-256: 9a77f91f4e05816c2b5841e534795c76382f578ed3860c858059ed8550b7e56e
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.s390x.rpm SHA-256: 19773c78475e9a60219ef928fcac85b9843d4bbe1f60d7f44a3b2a94769c7a3c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
ppc64le
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: dfeeb2f2630dd66e5e57ce11bf05a7ccac895d3c021334bacb69a6980bb2cde4
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 20fbc9cd745a3c22df940ade245a13d6f1786014862805e35026784a29a1497c
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 98a7d52e213d42c9ed9a67bf0bf4a5d02d04a510e53a4496d0a93cec1b4fff4d
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 7adba2271c0a1301be4b6c3c577fe3582063f648dd8f79271cb5499746931193

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
x86_64
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 647160d475bc85722cf261622d4ba917f588b599aada2cbf7c37aea7a6f0bc84
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: c5a2dc64a9e95995ed0c163ed52c9ea8b21222178c627008ff05c489bda42f16
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 7f3ed8835e4a10453384fe073eb564391087be14623c18450f54048b7803ce1f
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 2917d30c9e44868fbfcccb5e04959d6f9954e5632e984a2315c389cfdb190306
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
aarch64
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.aarch64.rpm SHA-256: ce649e7a11d952551104a2777380ae27ef4ee57a02bb8e5bf70aa0d328cf6188
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.aarch64.rpm SHA-256: b5dc7783db632e5f5059ce04795963ffb6e5b0c31f9be8886d67c9707ffac857
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.aarch64.rpm SHA-256: 41712750202d9ffeda98f05361590a113627f9031e5159ff8628917abf69bca5
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.aarch64.rpm SHA-256: 8c34bca883ba7e3e198785064731aa0c88fbdaf0bf78858cfd0517755ae9b252

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
ppc64le
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: dfeeb2f2630dd66e5e57ce11bf05a7ccac895d3c021334bacb69a6980bb2cde4
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 20fbc9cd745a3c22df940ade245a13d6f1786014862805e35026784a29a1497c
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 98a7d52e213d42c9ed9a67bf0bf4a5d02d04a510e53a4496d0a93cec1b4fff4d
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.ppc64le.rpm SHA-256: 7adba2271c0a1301be4b6c3c577fe3582063f648dd8f79271cb5499746931193

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.src.rpm SHA-256: 652019bfbe7c415fb727f61f2a4277abc90c817303b5f51ab266b443c348026e
x86_64
redis-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 647160d475bc85722cf261622d4ba917f588b599aada2cbf7c37aea7a6f0bc84
redis-debuginfo-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: c5a2dc64a9e95995ed0c163ed52c9ea8b21222178c627008ff05c489bda42f16
redis-debugsource-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 7f3ed8835e4a10453384fe073eb564391087be14623c18450f54048b7803ce1f
redis-devel-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.x86_64.rpm SHA-256: 2917d30c9e44868fbfcccb5e04959d6f9954e5632e984a2315c389cfdb190306
redis-doc-6.2.7-1.module+el8.8.0+23086+95b1dcd4.3.noarch.rpm SHA-256: 46ebb7748ab7fa3e67779f27c0dae6724c115ba3c6230775a5f748397b845926

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.