ALSA-2025:20926

[ALSA-2025:20926] Important: redis security update

Type:

security

Severity:

important

Release date:

2025-11-19

Description:

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.  

Security Fix(es):  

  * redis: Lua library commands may lead to integer overflow and potential RCE (CVE-2025-46817)
  * Redis: Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818)
  * Redis: Redis is vulnerable to DoS via specially crafted LUA scripts (CVE-2025-46819)
  * Redis: Redis Lua Use-After-Free may lead to remote code execution (CVE-2025-49844)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	redis-6.2.20-2.el9_7.aarch64.rpm	11c9b9f5f25bb4f3e692de2712d0e9ca2f9da46dd10d497226d003ffc1f23be3
aarch64	redis-devel-6.2.20-2.el9_7.aarch64.rpm	f74f4524ccd1a08bf4b7294501deedae3bf074b8b198d5be6466be88f5442969
i686	redis-devel-6.2.20-2.el9_7.i686.rpm	ea9e524dc444adf6eac05895364cd67f095cba02416b1e703d0de63c2db969b9
noarch	redis-doc-6.2.20-2.el9_7.noarch.rpm	42232f3aecfa61e79d0025ac7cc0edb318fc05cf219e6b0404c9eedc8aaf5117
ppc64le	redis-devel-6.2.20-2.el9_7.ppc64le.rpm	73ff4be1c35fd60d25e4eae664d03039ce49e31781a55b3dab7900cf45d22683
ppc64le	redis-6.2.20-2.el9_7.ppc64le.rpm	ae08f726ee10d04ad47fdd2e0b66ebf9c28ff060464e3481942a50408932a3b9
s390x	redis-devel-6.2.20-2.el9_7.s390x.rpm	47c268a5ec655057cc8e18ed24b20e7e1bc806688dbcb452abf346c5684c4d1f
s390x	redis-6.2.20-2.el9_7.s390x.rpm	8f4a58c1610c22166890c0dee69c65063e419fd1df48431d418cc69f7a3e6176
x86_64	redis-devel-6.2.20-2.el9_7.x86_64.rpm	1e23c93f7a1f6099640b2bd65ec143dd479354232b94bc9fbd5d59e182053b05
x86_64	redis-6.2.20-2.el9_7.x86_64.rpm	c0325539d230ee309fc9a0e3f3fc2755c8b3557386e63ace1a62233d8f175fd8

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.