diff options
author | Oran Agra <oran@redislabs.com> | 2022-09-22 11:55:53 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-22 11:55:53 +0300 |
commit | 6d21560190fd5b09ff849ad1777e868d5e78da5f (patch) | |
tree | a1de689120f325093788f14763d6a80d38d4ceb6 /src/networking.c | |
parent | e53bf6524599dec89c08250c5d0f5bed096ae394 (diff) | |
download | redis-6d21560190fd5b09ff849ad1777e868d5e78da5f.tar.gz |
Fix heap overflow vulnerability in XAUTOCLAIM (CVE-2022-35951) (#11301)
Executing an XAUTOCLAIM command on a stream key in a specific state, with a
specially crafted COUNT argument may cause an integer overflow, a subsequent
heap overflow, and potentially lead to remote code execution.
The problem affects Redis versions 7.0.0 or newer.
Diffstat (limited to 'src/networking.c')
0 files changed, 0 insertions, 0 deletions