nvd-json-data-feeds/CVE-2024/CVE-2024-556xx/CVE-2024-55656.json

{
  "id": "CVE-2024-55656",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2025-01-08T16:15:36.213",
  "lastModified": "2025-01-08T16:15:36.213",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and write can be performed beyond this allocated memory, leading to info leak and OOB write. The integer overflow is in CMS.INITBYDIM command, which initialize a Count-Min Sketch to dimensions specified by user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2."
    },
    {
      "lang": "es",
      "value": "RedisBloom agrega un conjunto de estructuras de datos probabil\u00edsticas a Redis. Existe una vulnerabilidad de desbordamiento de enteros en RedisBloom, que es un m\u00f3dulo utilizado en Redis. La vulnerabilidad de desbordamiento de enteros permite a un atacante (un cliente de Redis que conoce la contrase\u00f1a) asignar memoria en el mont\u00f3n menor que la memoria requerida debido al envoltorio. Luego, se pueden realizar operaciones de lectura y escritura m\u00e1s all\u00e1 de esta memoria asignada, lo que genera una fuga de informaci\u00f3n y una escritura OOB. El desbordamiento de enteros se encuentra en el comando CMS.INITBYDIM, que inicializa un Count-Min Sketch con las dimensiones especificadas por el usuario. Acepta dos valores (ancho y profundidad) y los utiliza para asignar memoria en NewCMSketch(). Esta vulnerabilidad se corrigi\u00f3 en 2.2.19, 2.4.12, 2.6.14 y 2.8.2."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security-advisories@github.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security-advisories@github.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/RedisBloom/RedisBloom/security/advisories/GHSA-x5rx-rmq3-ff3h",
      "source": "security-advisories@github.com"
    }
  ]
}