[Apollo] Advisories Statistics light light Login

RLSA-2025:20955

Security Mirrored from RHSA-2025:20955
Issued at: 2025-11-15
Updated at: 2025-11-15

Synopsis

Important: redis:7 security update



Description

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.

Security Fix(es):

* redis: Lua library commands may lead to integer overflow and potential RCE (CVE-2025-46817)

* Redis: Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818)

* Redis: Redis is vulnerable to DoS via specially crafted LUA scripts (CVE-2025-46819)

* Redis: Redis Lua Use-After-Free may lead to remote code execution (CVE-2025-49844)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2401324 2401322 2401258 2401292

CVEs

CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844

Affected packages

Rocky Linux 9 x86_64 - AppStream

redis-devel-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.x86_64.rpm redis-debugsource-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.x86_64.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.x86_64.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.src.rpm redis-debuginfo-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.x86_64.rpm redis-doc-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.noarch.rpm

Rocky Linux 9 aarch64 - AppStream

redis-debuginfo-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.aarch64.rpm redis-devel-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.aarch64.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.src.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.aarch64.rpm redis-doc-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.noarch.rpm redis-debugsource-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.aarch64.rpm

Rocky Linux 9 s390x - AppStream

redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.s390x.rpm redis-debuginfo-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.s390x.rpm redis-debugsource-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.s390x.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.src.rpm redis-devel-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.s390x.rpm redis-doc-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.noarch.rpm

Rocky Linux 9 ppc64le - AppStream

redis-devel-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.ppc64le.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.ppc64le.rpm redis-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.src.rpm redis-debuginfo-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.ppc64le.rpm redis-doc-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.noarch.rpm redis-debugsource-0:7.2.11-1.module+el9.6.0+32613+cddc9cef.ppc64le.rpm