USN-7824-3

Details

USN-7824-1 fixed several vulnerabilities in Redis. This update provides the corresponding update for Ubuntu 22.04 LTS.

Original advisory details:

Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server.

Affected Packages

redis

Ubuntu 22.04 LTS

Fixed in:

5:6.0.16-1ubuntu1.1

References

REPORT

https://ubuntu.com/security/CVE-2025-49844

ADVISORY

https://ubuntu.com/security/notices/USN-7824-3