Test ID:	1.3.6.1.4.1.25623.1.0.885570
Category:	Fedora Local Security Checks
Title:	Fedora: Security Advisory (FEDORA-2024-6ef42a28c9)
Summary:	The remote host is missing an update for the 'redis' package(s) announced via the FEDORA-2024-6ef42a28c9 advisory.
Description:	Summary: The remote host is missing an update for the 'redis' package(s) announced via the FEDORA-2024-6ef42a28c9 advisory. Vulnerability Insight: **Redis 7.2.4 ** Released Tue 09 Jan 2024 10:45:52 IST Upgrade urgency SECURITY: See security fixes below. Security fixes * (**CVE-2023-41056**) In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. Bug fixes * Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832) * Fix slot ownership not being properly handled when deleting a slot from a node (#12564) * Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733) Affected Software/OS: 'redis' package(s) on Fedora 39. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-41056 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/ https://github.com/redis/redis/releases/tag/7.0.15 https://github.com/redis/redis/releases/tag/7.2.4 https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.