CVE-2022-0543: #1005787 - redis: CVE-2022-0543 - Debian Bug report logs

It was discovered that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.


Reported by: “Chris Lamb” [email protected]

Date: Mon, 14 Feb 2022 22:39:02 UTC

Severity: grave

Tags: security

Found in versions redis/5:5.0.14-1+deb10u1, redis/5:5.0.3-4, redis/5:6.0.15-1

Fixed in versions redis/5:6.0.16-1+deb11u2, redis/5:5.0.14-1+deb10u2, redis/5:6.0.16-2, redis/5:7.0~rc2-2

Done: Chris Lamb [email protected]

Bug is archived. No further changes may be made.


Report forwarded to [email protected], [email protected], Chris Lamb [email protected]:
Bug#1005787; Package redis. (Mon, 14 Feb 2022 22:39:04 GMT) (full text, mbox, link).

Acknowledgement sent to “Chris Lamb” [email protected]:
New Bug report received and forwarded. Copy sent to [email protected], Chris Lamb [email protected]. (Mon, 14 Feb 2022 22:39:04 GMT) (full text, mbox, link).

Message #5 received at [email protected] (full text, mbox, reply):

Package: redis
Version: 5:5.0.14-1+deb10u1
X-Debbugs-CC: [email protected]
Severity: grave
Tags: security

Hi,

A vulnerability was published for redis as CVE-2022-0543[0]. This is the placeholder Debian bug which will be renamed and fleshed out later with more details once it has become unembargoed.

[0] https://security-tracker.debian.org/tracker/CVE-2022-0543
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0543

Regards,

--
Chris Lamb
[email protected] / chris-lamb.co.uk

Marked as found in versions redis/5:6.0.15-1. Request was from Salvatore Bonaccorso [email protected] to [email protected]. (Tue, 15 Feb 2022 05:54:03 GMT) (full text, mbox, link).

Marked as found in versions redis/5:5.0.3-4. Request was from Salvatore Bonaccorso [email protected] to [email protected]. (Fri, 18 Feb 2022 20:45:09 GMT) (full text, mbox, link).

Reply sent to Chris Lamb [email protected]:
You have taken responsibility. (Sat, 19 Feb 2022 17:03:08 GMT) (full text, mbox, link).

Notification sent to “Chris Lamb” [email protected]:
Bug acknowledged by developer. (Sat, 19 Feb 2022 17:03:08 GMT) (full text, mbox, link).

Message #14 received at [email protected] (full text, mbox, reply):

Source: redis
Source-Version: 5:6.0.16-1+deb11u2
Done: Chris Lamb [email protected]

We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software pp. Chris Lamb [email protected] (supplier of updated redis package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Mon, 14 Feb 2022 14:45:00 -0800
Source: redis
Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym
Built-For-Profiles: nocheck
Architecture: source amd64 all
Version: 5:6.0.16-1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Chris Lamb [email protected]
Changed-By: Chris Lamb [email protected]
Description:
 redis - Persistent key-value database with network interface (metapackage)
 redis-sentinel - Persistent key-value database with network interface (monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 1005787
Changes:
 redis (5:6.0.16-1+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided
     as a dynamic library. A "package" variable was automatically populated
     that in turn permitted access to arbitrary Lua functionality. As this
     extended to, for example, the "execute" function from the "os" module,
     an attacker with the ability to execute arbitrary Lua code could
     potentially execute arbitrary shell commands.
 .
     Thanks to Reginaldo Silva (https://www.ubercomp.com) for discovering and
     reporting this issue. (Closes: #1005787)
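The changelog above explains that an affected Debian build exposes Lua's "package" global inside EVAL scripts, which is what the sandbox normally withholds. The following Python is an example added here, not code from the Debian bug log or the redis project: it encodes the read-only probe `EVAL "return type(package)" 0` as RESP, parses the reply, and classifies it, assuming (per the changelog) that a build answering "table" is affected and one answering "nil" is not; the sample replies at the bottom are constructed.

```python
"""Classification logic for CVE-2022-0543 (Debian redis Lua sandbox escape).
Added example, not from the Debian bug log. Assumption: an affected build
answers the probe with the bulk string "table", a fixed build with "nil".
The sample wire replies at the bottom are constructed, not captured."""
import socket

PROBE_SCRIPT = "return type(package)"  # read-only probe, no side effects


def encode_resp_command(*args: str) -> bytes:
    """Encode a Redis command as a RESP array of bulk strings."""
    out = [f"*{len(args)}\r\n".encode()]
    for arg in args:
        raw = arg.encode()
        out.append(f"${len(raw)}\r\n".encode() + raw + b"\r\n")
    return b"".join(out)


def parse_resp_reply(data: bytes) -> tuple:
    """Parse one complete RESP reply into (kind, value)."""
    if not data.endswith(b"\r\n"):
        raise ValueError("incomplete reply")
    kind, body = data[:1], data[1:]
    if kind == b"$":                       # bulk string or null bulk
        header, _, rest = body.partition(b"\r\n")
        length = int(header)
        if length == -1:
            return ("null", None)
        if len(rest) < length + 2:
            raise ValueError("incomplete reply")
        return ("bulk", rest[:length].decode())
    if kind == b"+":
        return ("simple", body[:-2].decode())
    if kind == b"-":
        return ("error", body[:-2].decode())
    if kind == b":":
        return ("integer", int(body[:-2]))
    raise ValueError(f"unsupported reply type {kind!r}")


def classify(reply: bytes) -> str:
    """Map the probe's reply to an assessment string."""
    kind, value = parse_resp_reply(reply)
    if kind == "error":
        # NOAUTH, NOPERM or scripting disabled: the probe did not run,
        # so this is not evidence either way.
        return "undetermined: " + value
    if kind == "bulk" and value == "table":
        return "vulnerable"
    if kind == "bulk" and value == "nil":
        return "not vulnerable"
    return f"undetermined: unexpected reply {kind}={value!r}"


def check_instance(host: str, port: int = 6379, timeout: float = 3.0) -> str:
    """Probe a live instance you administer (network; not exercised offline).
    One recv is enough here: the probe's reply is a handful of bytes."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(encode_resp_command("EVAL", PROBE_SCRIPT, "0"))
        return classify(sock.recv(4096))


# Constructed sample replies, as the wire bytes a server would send back.
VULNERABLE_REPLY = b"$5\r\ntable\r\n"
PATCHED_REPLY = b"$3\r\nnil\r\n"
NOAUTH_REPLY = b"-NOAUTH Authentication required.\r\n"
```

On an instance that requires AUTH the probe comes back as NOAUTH and is reported as undetermined; run the same EVAL through an authenticated redis-cli session in that case.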

Reply sent to Chris Lamb [email protected]:
You have taken responsibility. (Sat, 19 Feb 2022 17:03:14 GMT) (full text, mbox, link).

Notification sent to “Chris Lamb” [email protected]:
Bug acknowledged by developer. (Sat, 19 Feb 2022 17:03:14 GMT) (full text, mbox, link).

Message #19 received at [email protected] (full text, mbox, reply):

Source: redis
Source-Version: 5:5.0.14-1+deb10u2
Done: Chris Lamb [email protected]

We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software pp. Chris Lamb [email protected] (supplier of updated redis package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Mon, 14 Feb 2022 14:40:49 -0800
Source: redis
Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym
Built-For-Profiles: nocheck
Architecture: source amd64 all
Version: 5:5.0.14-1+deb10u2
Distribution: buster-security
Urgency: high
Maintainer: Chris Lamb [email protected]
Changed-By: Chris Lamb [email protected]
Description:
 redis - Persistent key-value database with network interface (metapackage)
 redis-sentinel - Persistent key-value database with network interface (monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 1005787
Changes:
 redis (5:5.0.14-1+deb10u2) buster-security; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided
     as a dynamic library. A "package" variable was automatically populated
     that in turn permitted access to arbitrary Lua functionality. As this
     extended to, for example, the "execute" function from the "os" module,
     an attacker with the ability to execute arbitrary Lua code could
     potentially execute arbitrary shell commands.
 .
     Thanks to Reginaldo Silva (https://www.ubercomp.com) for discovering and
     reporting this issue. (Closes: #1005787)

Reply sent to Chris Lamb [email protected]:
You have taken responsibility. (Tue, 08 Mar 2022 11:27:05 GMT) (full text, mbox, link).

Notification sent to “Chris Lamb” [email protected]:
Bug acknowledged by developer. (Tue, 08 Mar 2022 11:27:05 GMT) (full text, mbox, link).

Message #24 received at [email protected] (full text, mbox, reply):

Source: redis
Source-Version: 5:6.0.16-2
Done: Chris Lamb [email protected]

We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software pp. Chris Lamb [email protected] (supplier of updated redis package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Tue, 08 Mar 2022 11:08:46 +0000
Source: redis
Built-For-Profiles: nocheck
Architecture: source
Version: 5:6.0.16-2
Distribution: unstable
Urgency: high
Maintainer: Chris Lamb [email protected]
Changed-By: Chris Lamb [email protected]
Closes: 1005787
Changes:
 redis (5:6.0.16-2) unstable; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided
     as a dynamic library. A "package" variable was automatically populated
     that in turn permitted access to arbitrary Lua functionality. As this
     extended to, for example, the "execute" function from the "os" module,
     an attacker with the ability to execute arbitrary Lua code could
     potentially execute arbitrary shell commands.
 .
     Thanks to Reginaldo Silva (https://www.ubercomp.com) for discovering and
     reporting this issue. (Closes: #1005787)

Reply sent to Chris Lamb [email protected]:
You have taken responsibility. (Tue, 08 Mar 2022 11:27:07 GMT) (full text, mbox, link).

Notification sent to “Chris Lamb” [email protected]:
Bug acknowledged by developer. (Tue, 08 Mar 2022 11:27:07 GMT) (full text, mbox, link).

Message #29 received at [email protected] (full text, mbox, reply):

Source: redis
Source-Version: 5:7.0~rc2-2
Done: Chris Lamb [email protected]

We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software pp. Chris Lamb [email protected] (supplier of updated redis package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Tue, 08 Mar 2022 11:05:56 +0000
Source: redis
Built-For-Profiles: nocheck
Architecture: source
Version: 5:7.0~rc2-2
Distribution: experimental
Urgency: high
Maintainer: Chris Lamb [email protected]
Changed-By: Chris Lamb [email protected]
Closes: 1005787
Changes:
 redis (5:7.0~rc2-2) experimental; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided
     as a dynamic library. A "package" variable was automatically populated
     that in turn permitted access to arbitrary Lua functionality. As this
     extended to, for example, the "execute" function from the "os" module,
     an attacker with the ability to execute arbitrary Lua code could
     potentially execute arbitrary shell commands.
 .
     Thanks to Reginaldo Silva (https://www.ubercomp.com) for discovering and
     reporting this issue. (Closes: #1005787)

Bug archived. Request was from Debbugs Internal Request [email protected] to [email protected]. (Thu, 07 Apr 2022 07:26:37 GMT) (full text, mbox, link).


Debian bug tracking system administrator <[email protected]>. Last modified: Sun Jun 5 02:43:34 2022; Machine Name: buxtehude

