ALSA-2025:20955

[ALSA-2025:20955] Important: redis:7 security update

Type:

security

Severity:

important

Release date:

2025-11-19

Description:

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.  

Security Fix(es):  

  * redis: Lua library commands may lead to integer overflow and potential RCE (CVE-2025-46817)
  * Redis: Redis: Authenticated users can execute LUA scripts as a different user (CVE-2025-46818)
  * Redis: Redis is vulnerable to DoS via specially crafted LUA scripts (CVE-2025-46819)
  * Redis: Redis Lua Use-After-Free may lead to remote code execution (CVE-2025-49844)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	redis-7.2.11-1.module_el9.6.0+188+92104ce8.aarch64.rpm	6313b06d9be478aba015e0ec2ea0f2a9987e7186299562fa87864e66c1cbd3e5
aarch64	redis-devel-7.2.11-1.module_el9.6.0+188+92104ce8.aarch64.rpm	b36998695891620e2e9fc4cab9b52dc0a1c580f86ecd86bc6720c51df1f976aa
noarch	redis-doc-7.2.11-1.module_el9.6.0+188+92104ce8.noarch.rpm	e0e782684f21c859ef6e2be5a9e350696716b68b6e68ae9e6070eaae7a7881f2
ppc64le	redis-devel-7.2.11-1.module_el9.6.0+188+92104ce8.ppc64le.rpm	14dc95a7f80beef6f99e3fcfaaaffdedc8e3dfa613a2cd556ccc0e6d96dd5279
ppc64le	redis-7.2.11-1.module_el9.6.0+188+92104ce8.ppc64le.rpm	6ad6818133862e27f851019520450f5da8a667ca0fb97f6f7a6c140b2d42fe05
s390x	redis-7.2.11-1.module_el9.6.0+188+92104ce8.s390x.rpm	0224c646e556c5d4ae9d33f72d7dd4d2cc38e87fda59245ad6b6f937b646a39d
s390x	redis-devel-7.2.11-1.module_el9.6.0+188+92104ce8.s390x.rpm	5712cf06b3a42c187c13116b38a9ae8c2a72f01ece80177e6180b2617e1d495c
x86_64	redis-devel-7.2.11-1.module_el9.6.0+188+92104ce8.x86_64.rpm	90298fd50cf73052e6551a7f8cf99bec8240edb1142b28ec611fc6b70ce0c1b2
x86_64	redis-7.2.11-1.module_el9.6.0+188+92104ce8.x86_64.rpm	be5adfa72b4b9b85cd6a4dbde126c6c2d02477efeb248e37df5262c281f1f019

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.