Redis Denial-of-Service Vulnerability via Improper Connection Error Handling

Vulnerability

A denial-of-service vulnerability has been identified in Redis, an open-source in-memory data store that can persist data to disk. The issue lies in how the server handles connection errors: an unauthenticated connection can cause the server to hit repeated IP protocol errors, and its mishandling of those errors starves other clients of service. All Redis versions prior to the fixed releases listed under Remediation are affected, and the condition can be triggered over an unauthenticated connection.

Impact

Successful exploitation starves legitimate clients: they cannot obtain service or responses from the server, so it is effectively unavailable to them for as long as the condition persists. Because no authentication is required, any host that can reach the Redis port can trigger it.

Reproduction

The vulnerability can be reproduced by opening an unauthenticated connection to the Redis server and driving it so that the server repeatedly encounters IP protocol errors, for example by sending malformed packets that break the expected protocol flow. The server mishandles the resulting errors, and other clients are starved.

Remediation

Upgrade to Redis 8.0.3, 7.4.5, 7.2.10 or 6.2.19 (or a later release within the same branch) to address this vulnerability. Because the issue can be triggered without authentication, restrict network access to the Redis port to trusted clients until the upgrade is in place.
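A version check against the fixed releases above, as an added example that is not part of this advisory or of the Redis project. It parses the version out of `redis-server --version` output or the `redis_version` line of `INFO server`, maps it to its release branch, and reports whether the running build is at or past the fixed release. Branches the advisory does not name (for example 7.0 or 5.0) are reported as "unlisted" rather than assumed safe. The sample strings are constructed for illustration.

```python
import re
import sys

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED_RELEASES = {
    (8, 0): (8, 0, 3),
    (7, 4): (7, 4, 5),
    (7, 2): (7, 2, 10),
    (6, 2): (6, 2, 19),
}

# Generic x.y.z matcher, used for `redis-server --version` output such as
# "Redis server v=7.2.4 sha=00000000:0 malloc=jemalloc-5.3.0 bits=64 build=...".
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")

# Preferred matcher for INFO output, so other version-like fields
# (gcc_version, etc.) are never picked up by mistake.
INFO_VERSION_RE = re.compile(r"^redis_version:(\d+)\.(\d+)\.(\d+)", re.MULTILINE)

# Constructed sample of `INFO server` output (lines are CRLF-terminated in Redis).
SAMPLE_INFO = (
    "# Server\r\n"
    "redis_version:7.2.4\r\n"
    "redis_git_sha1:00000000\r\n"
    "gcc_version:12.2.0\r\n"
)


def parse_version(text):
    """Return the Redis version in `text` as a (major, minor, patch) tuple."""
    m = INFO_VERSION_RE.search(text) or VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def classify(version):
    """Compare a version tuple against the fixed release for its branch.

    Returns "fixed", "vulnerable", or "unlisted" when the advisory names
    no fixed release for that branch (treat "unlisted" as needing review,
    not as safe).
    """
    fixed = FIXED_RELEASES.get(version[:2])
    if fixed is None:
        return "unlisted"
    return "fixed" if version >= fixed else "vulnerable"


def assess(text):
    """Parse and classify in one step; returns e.g. ("7.2.4", "vulnerable")."""
    version = parse_version(text)
    return ".".join(str(p) for p in version), classify(version)


if __name__ == "__main__":
    # Usage: redis-cli INFO server | python3 check_redis_fix.py
    #    or: redis-server --version | python3 check_redis_fix.py
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_INFO
    ver, status = assess(data)
    print(f"redis {ver}: {status}")
    sys.exit(0 if status == "fixed" else 1)
```

The script exits non-zero unless the branch is listed and the version is at or above its fixed release, so it can be dropped into a fleet-wide check; an "unlisted" branch should be compared manually against the vendor's release notes rather than treated as patched.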

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 2.5
exploitability: 8.0
remediation: 7.7
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.