CVE-2024-31449

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9	Patch
https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redis:redis::::::::
	cpe:2.3:a:redis:redis::::::::
	cpe:2.3:a:redis:redis:7.4.0:-::::::
	cpe:2.3:a:redis:redis:7.4.0:rc1::::::
	cpe:2.3:a:redis:redis:7.4.0:rc2::::::

History

04 Sep 2025, 19:03

Type	Values Removed	Values Added
CPE		cpe:2.3:a:redis:redis:7.4.0:rc1:::::: cpe:2.3:a:redis:redis:7.4.0:rc2:::::: cpe:2.3:a:redis:redis:7.4.0:-::::::
References	~~() https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 - Third Party Advisory~~	() https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 - Vendor Advisory

04 Sep 2025, 18:31

Type	Values Removed	Values Added
CPE		cpe:2.3:a:redis:redis::::::::
References	~~() https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9 -~~	() https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9 - Patch
References	~~() https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 -~~	() https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5 - Third Party Advisory
First Time		Redis Redis redis

Information

Published : 2024-10-07 20:15

Updated : 2025-09-04 19:03

NVD link : CVE-2024-31449

Mitre link : CVE-2024-31449

CVE.ORG link : CVE-2024-31449

JSON object : View

Products Affected

redis

redis

CWE

CWE-20

Improper Input Validation

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2024-31449", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-10-07T20:15:05.507", "references": [{"url": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Redis es una base de datos en memoria de c\u00f3digo abierto que persiste en el disco. Un usuario autenticado puede usar un script Lua especialmente manipulado para provocar un desbordamiento del b\u00fafer de pila en la librer\u00eda de bits, lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo. El problema existe en todas las versiones de Redis con scripts Lua. Este problema se ha solucionado en las versiones 6.2.16, 7.2.6 y 7.4.1 de Redis. Se recomienda a los usuarios que actualicen la versi\u00f3n. No existen workarounds conocidas para esta vulnerabilidad."}], "lastModified": "2025-09-04T19:03:33.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92118EB1-660D-4859-BA6D-FDC64E5C48F4", "versionEndExcluding": "6.2.16", "versionStartIncluding": "2.8.18"}, {"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F8A45E4-57CF-4B05-B188-A75BBDF37822", "versionEndExcluding": "7.2.6", "versionStartIncluding": "7.2.0"}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C484C7C-4C3B-45F6-8DF5-84CFE5FF2717"}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14EE168F-747A-43EE-84B8-14C332A7F1CB"}, {"criteria": "cpe:2.3:a:redis:redis:7.4.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C983360E-DC98-4C5A-A088-7DCE273595A1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}