NVD Vulnerability Detail

CVE-2021-32765

Summary	Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check if `count * sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow. Users of hiredis who are unable to update may set the [maxelements](https://github.com/redis/hiredis#reader-max-array-elements) context option to a value small enough that no overflow is possible.
Publication Date	Oct. 5, 2021, 6:15 a.m.
Registration Date	Oct. 5, 2021, 10 a.m.
Last Update	Nov. 21, 2024, 3:07 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:redis:hiredis::::::::					1.0.1

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:::::::*

Related information, measures and tools

No	URL	タグ
1	https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e	Patch Third Party Advisory
2	https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e	Patch Third Party Advisory
3	https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2	Mitigation Third Party Advisory
4	https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2	Mitigation Third Party Advisory
5	https://lists.debian.org/debian-lts-announce/2021/10/msg00007.html	Mailing List Third Party Advisory
6	https://lists.debian.org/debian-lts-announce/2021/10/msg00007.html	Mailing List Third Party Advisory
7	https://security.gentoo.org/glsa/202210-32	Third Party Advisory
8	https://security.gentoo.org/glsa/202210-32	Third Party Advisory
9	https://security.netapp.com/advisory/ntap-20211104-0003/	Third Party Advisory
10	https://security.netapp.com/advisory/ntap-20211104-0003/	Third Party Advisory
11	https://wiki.sei.cmu.edu/confluence/display/c/MEM07-C.+Ensure+that+the+arguments+to+calloc%28%29%2C+when+multiplied%2C+do+not+wrap	Third Party Advisory
12	https://wiki.sei.cmu.edu/confluence/display/c/MEM07-C.+Ensure+that+the+arguments+to+calloc%28%29%2C+when+multiplied%2C+do+not+wrap	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-190	整数オーバーフローまたはラップアラウンド	https://cwe.mitre.org/data/definitions/190.html

JVN Vulnerability Information

Hiredis における整数オーバーフローの脆弱性

Title	Hiredis における整数オーバーフローの脆弱性
Summary	Hiredis には、整数オーバーフローの脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 4, 2021, midnight
Registration Date	Sept. 2, 2022, 12:05 p.m.
Last Update	Sept. 2, 2022, 12:05 p.m.

Affected System

Redis

hiredis

Debian

Debian GNU/Linux

NetApp

Management Software for Element Software and NetApp HCI

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-32765	https://www.cve.org/CVERecord?id=CVE-2021-32765
National Vulnerability Database (NVD)
2	CVE-2021-32765	https://nvd.nist.gov/vuln/detail/CVE-2021-32765

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-190	https://cwe.mitre.org/data/definitions/190.html

ベンダー情報

No	Name	URL
Debian LTS Advisory
1	DLA-2783-1	https://lists.debian.org/debian-lts-announce/2021/10/msg00007.html
GitHub
2	Fix for integer/buffer overflow CVE-2021-32765	https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e
3	Integer Overflow to Buffer Overflow in hiredis	https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2
NetApp Advisory
4	NTAP-20211104-0003	https://security.netapp.com/advisory/ntap-20211104-0003/

Change Log

No	Changed Details	Date of change
1	[2022年09月02日] 掲載	Sept. 2, 2022, 12:04 p.m.