Found buffer overflow, integrate overflow & memory corruption in redis – Jun 2018

If you have a database of geo-located data, what is the appropriate database setup? The geospatial require fastest database so Redis is one of the option.Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker. It supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperloglogs and geospatial indexes with radius queries. Found buffer overflow, integrate overflow & memory corruption in redis. Technical details shown as below:

CVE-2018-12326, CVE-2018-11218 & CVE-2018-11219: https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES

https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES

CVE-2018-12453: https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5

Dark power (malware) jeopardize the open geospatial data:

Dark power (malware) jeopardize the open geospatial data

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.