All errata/sisyphus_e2k/ALT-PU-2026-9617-1
ALT-PU-2026-9617-1

Package update valkey in branch sisyphus_e2k

Version8.1.8-alt1
Task#0
Published2026-06-10
Max severityHIGH
Severity:

Closed issues (10)

BDU:2026-06444
HIGH8.8

Уязвимость функции processCommandAndResetClient() системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-11
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 9.0
CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C
References
BDU:2026-06448
HIGH8.8

Уязвимость команды RESTORE системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-11
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 9.0
CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C
References
BDU:2026-06451
HIGH8.1

Уязвимость интерпретатора скриптов Lua системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-11
CVSS 3.xHIGH 8.1
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVSS 2.0HIGH 8.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:C/A:C
References
BDU:2026-07333
HIGH7.1

Уязвимость сервера структур данных Valkey, связанная с недостаточной нейтрализацией специальных элементов в запросе, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-26
CVSS 3.xHIGH 7.1
CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:C
References
BDU:2026-07339
HIGH7.5

Уязвимость сервера структур данных Valkey, связанная с чтением за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2026-05-26
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0HIGH 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
References
CVE-2025-67733
HIGH7.1

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same connection. The error handling code for lua scripts does not properly handle null characters. Versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12 fix the issue.

Published: 2026-02-23Modified: 2026-06-17
CVSS 3.xHIGH 7.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
References
CVE-2026-21863
HIGH7.5

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might result in the system crashing. The Valkey clusterbus packet processing code does not validate that a clusterbus ping extension packet is located within buffer of the clusterbus packet before attempting to read it. Versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12 fix the issue. As an additional mitigation, don't expose the cluster bus connection directly to end users, and protect the connection with its own network ACLs.

Published: 2026-02-23Modified: 2026-06-17
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2026-23479
HIGH7.7

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger a use-after-free that may lead to remote code execution. This has been patched in version 8.6.3.

Published: 2026-05-05Modified: 2026-06-17
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 4.0HIGH 7.7
CVSS:4.0/CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
CVE-2026-23631
MEDIUM6.1

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remote code execution. A workaround is to prevent users from executing Lua scripts or avoid using replicas where replica-read-only is disabled. This is patched in version 8.6.3.

Published: 2026-05-05Modified: 2026-06-17
CVSS 3.xHIGH 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVSS 4.0MEDIUM 6.1
CVSS:4.0/CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
CVE-2026-25243
HIGH7.7

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead to remote code execution. A workaround is to restrict access to the RESTORE command with ACL rules. This is patched in version 8.6.3.

Published: 2026-05-05Modified: 2026-06-17
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 4.0HIGH 7.7
CVSS:4.0/CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References