Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-202210-32 Normal: Hiredis Code Execution Issue

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202210-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: hiredis, hiredis-py: Multiple Vulnerabilities
     Date: October 31, 2022
     Bugs: #873079, #816318
       ID: 202210-32

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An integer overflow has been found in hiredis which could result in
arbitrary code execution.

Background
==========

hiredis is a minimalistic C client library for the Redis database.

hiredis-py is a Python extension that wraps hiredis.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-libs/hiredis            < 1.0.1                     >= 1.0.1
  2  dev-python/hiredis          < 2.0.0                     >= 2.0.0

Description
===========

Hiredis is vulnerable to integer overflow if provided maliciously
crafted or corrupted `RESP` `multi-bulk` protocol data. When parsing
`multi-bulk` (array-like) replies, hiredis fails to check if `count *
sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it can not,
and the `calloc()` call doesn't itself make this check, it would result
in a short allocation and subsequent buffer overflow.

Impact
======

Malicious Redis commands could result in remote code execution.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All hiredis users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/hiredis-1.0.1"

All hiredis-py users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-python/hiredis-2.0.0"

References
==========

[ 1 ] CVE-2021-32765
      https://nvd.nist.gov/vuln/detail/CVE-2021-32765

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202210-32

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email address obscured] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2022 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Hiredis encounters an integer overflow vulnerability, which may facilitate arbitrary code execution. Please ensure an update to mitigate potential threats.

LinuxSecurity.com Team

Oct 30, 2022 | Gentoo
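
The size check that the Description of GLSA 202210-32 says was missing, as an added C example (not hiredis code and not part of the advisory). `reply_node`, the function names and the `max_elements` policy cap are hypothetical; the headers passed in are constructed inputs.

```c
#include <ctype.h>
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical stand-in for a reply node; not hiredis's redisReply. */
typedef struct reply_node { int type; long long integer; } reply_node;

typedef enum { MB_OK, MB_BAD_HEADER, MB_TOO_LARGE, MB_OOM } mb_status;

/* The unchecked size computation: size_t arithmetic silently wraps
 * modulo SIZE_MAX + 1, so a huge count can yield a tiny byte size. */
size_t unchecked_array_bytes(size_t count) {
    return count * sizeof(reply_node *);
}

/* Checked form: refuse any count whose byte size does not fit in size_t. */
int checked_array_bytes(size_t count, size_t *bytes) {
    if (count > SIZE_MAX / sizeof(reply_node *)) return 0;
    *bytes = count * sizeof(reply_node *);
    return 1;
}

/* Parse the element count from a RESP multi-bulk header "*<count>\r\n". */
mb_status parse_multibulk_count(const char *hdr, size_t *count) {
    char *end;
    unsigned long long v;
    if (hdr[0] != '*' || !isdigit((unsigned char)hdr[1])) return MB_BAD_HEADER;
    errno = 0;
    v = strtoull(hdr + 1, &end, 10);
    if (errno == ERANGE || v > SIZE_MAX) return MB_TOO_LARGE;
    if (end[0] != '\r' || end[1] != '\n') return MB_BAD_HEADER;
    *count = (size_t)v;
    return MB_OK;
}

/* Allocate the element-pointer array for a multi-bulk reply.
 * max_elements is an assumed application policy cap (defence in depth);
 * the overflow check does not rely on calloc() performing its own. */
mb_status alloc_multibulk(const char *hdr, size_t max_elements,
                          reply_node ***out, size_t *count) {
    size_t bytes;
    mb_status st = parse_multibulk_count(hdr, count);
    *out = NULL;
    if (st != MB_OK) return st;
    if (*count > max_elements || !checked_array_bytes(*count, &bytes))
        return MB_TOO_LARGE;
    if (*count == 0) return MB_OK;   /* empty array: nothing to allocate */
    *out = calloc(*count, sizeof(reply_node *));
    return *out ? MB_OK : MB_OOM;
}
```

A count just above `SIZE_MAX / sizeof(reply_node *)` makes the unchecked product wrap to a few bytes, which is the short allocation the advisory describes; the checked path rejects it before any memory is requested.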

Fedora 35: 2022-ec83686a30 Critical: Hiredis Integer Overflow Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ec83686a30
2022-01-30 01:32:45.469266
--------------------------------------------------------------------------------

Name        : hiredis
Product     : Fedora 35
Version     : 0.13.3
Release     : 17.fc35
URL         : https://github.com/redis/hiredis
Summary     : Minimalistic C client library for Redis
Description :
Hiredis is a minimalistic C client library for the Redis database.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2021-32765
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 24 2021 Paul Ezvan - 0.13.3-17
- Add patch for CVE-2021-32765
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2013500 - CVE-2021-32765 hiredis: an integer overflow may occur if provided maliciously crafted or corrupted RESP mult-bulk protocol data [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2013500
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ec83686a30' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

A recent update for hiredis in Fedora 35 addresses a critical integer overflow flaw. Keep your system protected by applying the most recent security patches.

Severity: Critical.
LinuxSecurity.com Team

Jan 29, 2022 | Critical | Fedora

Mageia 8: 2021-0562 Critical: Hiredis Integer Overflow Threat

MGASA-2021-0562 - Updated hiredis packages fix security vulnerability

Publication date: 19 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0562.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-32765

Updated hiredis packages fix security vulnerability:

It was discovered that there was an integer-overflow vulnerability in
hiredis, a C client library for communicating with Redis databases. This
occurred within the handling and parsing of 'multi-bulk' replies
(CVE-2021-32765).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29549
- https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2
- https://lists.debian.org/debian-lts-announce/2021/10/msg00007.html
- https://www.cve.org/CVERecord?id=CVE-2021-32765

SRPMS:
- 8/core/hiredis-0.13.3-6.1.mga8

Recent updates for the hiredis packages rectify a significant integer overflow issue present in Mageia 8 that impacts Redis interactions.

Severity: Critical.
LinuxSecurity.com Team

Dec 19, 2021 | Critical | Mageia

Debian 9: DLA-2783-1 Critical: Hiredis Integer Overflow Advisory

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2783-1
https://www.debian.org/lts/security/                           Chris Lamb
October 12, 2021                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : hiredis
Version        : 0.13.3-1+deb9u1
CVE ID         : CVE-2021-32765

It was discovered that there was an integer-overflow vulnerability in
hiredis, a C client library for communicating with Redis databases. This
occurred within the handling and parsing of 'multi-bulk' replies.

For Debian 9 "Stretch", this problem has been fixed in version
0.13.3-1+deb9u1.

We recommend that you upgrade your hiredis packages.

For the detailed security status of hiredis please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/hiredis

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS publishes security alert DLA-2784-2 for libjpeg addressing a buffer-overflow vulnerability. Update is advised.

Severity: Critical.
LinuxSecurity.com Team

Oct 12, 2021 | Critical | Debian LTS

Mageia: 2020-0109 Moderate: Hiredis NULL Pointer Dereference

MGASA-2020-0109 - Updated hiredis packages fix security vulnerability

Publication date: 29 Feb 2020
URL: https://advisories.mageia.org/MGASA-2020-0109.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-XXXX

Updated hiredis packages fix security vulnerability:

async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL
pointer dereference because malloc return values are unchecked
(CVE-2020-7105).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26255
- https://lists.fedoraproject.org/archives/list/[address obscured]/thread/ZKOTCIYFEWJJILUGL4JQ3CJAM3TWYZ2A/
- https://www.cve.org/CVERecord?id=CVE-2019-XXXX

SRPMS:
- 7/core/hiredis-0.13.3-4.1.mga7

Revised hiredis versions tackle a null reference vulnerability to improve Mageia's safety. Release date: 29 Feb 2020.

Severity: Important.
LinuxSecurity.com Team

Feb 29, 2020 | Important | Mageia

Fedora 31: FEDORA-2020-53a54ef986 moderate: hiredis NULL Pointer Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-53a54ef986
2020-02-24 01:34:08.140990
--------------------------------------------------------------------------------

Name        : hiredis
Product     : Fedora 31
Version     : 0.13.3
Release     : 13.fc31
URL         : https://github.com/redis/hiredis
Summary     : Minimalistic C client library for Redis
Description :
Hiredis is a minimalistic C client library for the Redis database.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 15 2020 Kevin Fenzi - 0.13.3-13
- Apply patch for CVE-2020-7105. Fixes bug #1796474
* Wed Jan 29 2020 Fedora Release Engineering - 0.13.3-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1796475 - CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c in libhiredis.a [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1796475
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-53a54ef986' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora Security Alert regarding hiredis addresses critical NULL pointer issue associated with CVE-2020-7105, improving overall safety and functionality.

LinuxSecurity.com Team

Feb 23, 2020 | Fedora

Fedora 30 Advisory: 2020-f6cc7883b8 Critical Hiredis Pointer Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-f6cc7883b8
2020-02-24 01:12:54.871724
--------------------------------------------------------------------------------

Name        : hiredis
Product     : Fedora 30
Version     : 0.13.3
Release     : 13.fc30
URL         : https://github.com/redis/hiredis
Summary     : Minimalistic C client library for Redis
Description :
Hiredis is a minimalistic C client library for the Redis database.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 15 2020 Kevin Fenzi - 0.13.3-13
- Apply patch for CVE-2020-7105. Fixes bug #1796474
* Wed Jan 29 2020 Fedora Release Engineering - 0.13.3-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering - 0.13.3-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1796475 - CVE-2020-7105 hiredis: NULL pointer dereference in async.c and dict.c in libhiredis.a [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1796475
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-f6cc7883b8' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 30 faced a NULL pointer dereference vulnerability in the hiredis library (FEDORA-2020-f6cc7883b8), heightening exploitation risks. Update for improved security.

Severity: Critical.
LinuxSecurity.com Team

Feb 23, 2020 | Critical | Fedora

Debian: LTS DLA-2083-1 Moderate: Hiredis NULL Pointer Issue

Package        : hiredis
Version        : 0.11.0-4+deb8u1
CVE ID         : CVE-2020-7105
Debian Bug     : #949995

It was discovered that there were a large number of NULL pointer
dereferences due to unchecked return values from malloc and friends in
hiredis, a minimalistic C client library.

For Debian 8 "Jessie", these issues have been fixed in hiredis version
0.11.0-4+deb8u1.

We recommend that you upgrade your hiredis packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Regards,

Chris Lamb
chris-lamb.co.uk

Addresses NULL pointer dereferences in hiredis: 0.11.0-4+deb8u1 security patch for Debian LTS.

LinuxSecurity.com Team

Jan 29, 2020 | Debian LTS