关联漏洞
标题:
Redis 输入验证错误漏洞
(CVE-2025-46819)
描述:Redis是美国Redis公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。 Redis 8.2.1及之前版本存在输入验证错误漏洞,该漏洞源于特制LUA脚本可能导致越界数据读取或服务器崩溃,从而导致拒绝服务。
描述
CVE-2025-46819 – Redis Lua Long-String Delimiter Out-of-Bounds Read
介绍
# CVE-2025-46819 – Redis Lua Long-String Delimiter Out-of-Bounds Read
Malformed long-string delimiter causing Lua lexer OOBs read on Redis 8.2.1.
## Overview
Lua's long-string parser in Redis 8.2.1 mishandles malformed `[=...` sequences, returning sentinel values that lead to buffer underflows or excessive recursion. Attackers can cause Redis to read out of bounds or overflow the C stack.
## Environment
- Redis server 8.2.1 (or any vulnerable release before 8.2.2)
- `redis-cli`
- Local network access to the Redis instance
## Files
- [`CVE-2025-46819.lua`](/CVE-2025-46819.lua) – constructs a huge malformed delimiter and feeds it to `loadstring`.
## Usage
```bash
redis-cli -h localhost -p 6379 --eval CVE-2025-46819.lua
```
**Expected result:**
On vulnerable versions you'll typically see "ERR C stack overflow" or an immediate crash. Redis 8.2.2 (commit [3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba](https://github.com/redis/redis/commit/3a1624da2449ac3dbfc4bdaed43adf77a0b7bfba)) rejects the script with "invalid long string delimiter" without destabilizing the server.
## Mitigation
Upgrade to Redis 8.2.2 or later, or disable Lua for untrusted users.
文件快照
[4.0K] /data/pocs/e264ec48ece2c2dd554e0b94d405882503c276d1
├── [1.1K] CVE-2025-46819.lua
└── [1.1K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。