If you use Redis in-memory database under Debian or Ubuntu, for example for caching, you should update the system for security reasons. In the worst case, attackers can run malicious code on Redis servers.
The vulnerability (CVE-2022-0543) is identified as “FragileWith the highest rating (CVSS score 10/10). According to the discoverer of the interval The vulnerability does not directly affect Redis, but Debian/Ubuntu, the scripting language Lua, and the interaction of the in-memory database.
Update Operating System Now!
Problems arise when cleaning up variables. If attackers start there, they can break out of the Lua sandbox and execute malicious code in the host system, the security researchers warn. According to him, other Debian derivatives may also be at risk.
safe on the other hand Debian– And UbuntuVersions are available for download from February/March 2022. Since the exploit code is already available, The US Cyber Security and Infrastructure Security Agency (CISA) is now warning of possible attacks,
(Of)
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.
