FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

redis,valkey -- Denial-of-service valnerability due to malformed ACL selectors

Affected packages
7.0.0 <= redis < 7.4.2
redis72 < 7.2.7
valkey < 8.0.2

Details

VuXML ID 4d79fd1a-cc93-11ef-abed-08002784c58d
Discovery 2025-01-06
Entry 2025-01-10

Redis core team reports:

An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service.The problem exists in Redis 7.0.0 or newer.

[source]

References

CVE Name CVE-2024-51741
URL https://github.com/redis/redis/security/advisories/GHSA-prpq-rh5h-46g9

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.