oss-sec mailing list archives
Re: Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox)
From: Luca Bruno <lucab () debian org>
Date: Fri, 06 Nov 2015 22:07:27 +0100
On Friday 06 November 2015 12:07:30 cve-assign () mitre org wrote:
https://github.com/antirez/redis/issues/2854
https://github.com/antirez/redis/issues/2853
https://github.com/antirez/redis/issues/2855

As far as we can tell, 2854 and 2853 do not need to be categorized as vulnerability reports, but 2855 is a report of at least one vulnerability. See the initial CVE ID assignment below.

[...]

Our feeling is that the sandboxing is not (yet) intended to define a security boundary with any practical value, and thus ability to defeat the sandboxing will not have a CVE ID at present.

[...]

Use CVE-2015-8080 for the "getnum ... integer wraparound ... thus returning a negative value" vulnerability.
Thanks for the prompt and detailed review! I understand the line of reasoning and I've no further technical comments on your analysis. All bug reports have been updated with appropriate references.

Cheers, Luca

--
Luca Bruno (kaeso)
Security Engineer
Rocket Internet SE
GPG: 0xBB1A3A854F3BBEBF
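The CVE-2015-8080 description above is all the thread gives about the bug: a getnum-style routine that accumulates decimal digits wraps around and hands back a negative value. The following is an added illustration, not code from the redis project or from either poster: a hypothetical digit-run parser in the naive form (unchecked accumulation into an int) next to a checked form that refuses to accumulate once the next digit would exceed INT_MAX, so a caller can never receive a wrapped or negative size.

```c
#include <ctype.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical getnum-style helper (illustration only, not redis code):
   read a run of decimal digits from *fmt, advancing the pointer, and return
   the value, or `def` when no digit is present. Accumulating into an int
   with no bound means a long digit run overflows; signed overflow is
   undefined in C, and on common toolchains it shows up as the negative
   value the thread describes. */
static int getnum_naive(const char **fmt, int def) {
    if (!isdigit((unsigned char)**fmt)) return def;
    int a = 0;
    do {
        a = a * 10 + (*((*fmt)++) - '0');
    } while (isdigit((unsigned char)**fmt));
    return a;
}

/* Checked variant: before each step, verify that a*10 + d still fits in an
   int. On overflow it stops, reports failure through *ok and returns def,
   so the result can never be negative for a digit-only input. */
static int getnum_checked(const char **fmt, int def, bool *ok) {
    *ok = true;
    if (!isdigit((unsigned char)**fmt)) return def;
    int a = 0;
    do {
        int d = *((*fmt)++) - '0';
        if (a > (INT_MAX - d) / 10) {   /* a*10 + d would exceed INT_MAX */
            *ok = false;
            return def;
        }
        a = a * 10 + d;
    } while (isdigit((unsigned char)**fmt));
    return a;
}

/* Convenience wrapper for tests and callers: parse `s` with the checked
   routine and return the value, or -1 if the digit run would overflow. */
int checked_value(const char *s) {
    bool ok;
    int v = getnum_checked(&s, 0, &ok);
    return ok ? v : -1;
}

/* Same wrapper around the naive routine, for side-by-side comparison. */
int naive_value(const char *s) {
    return getnum_naive(&s, 0);
}

int main(void) {
    /* Constructed inputs: a small count, INT_MAX exactly, INT_MAX + 1,
       and a digit run far beyond int range. */
    const char *inputs[] = { "12", "2147483647", "2147483648",
                             "99999999999999999999" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        printf("%-22s naive=%d checked=%d\n", inputs[i],
               naive_value(inputs[i]), checked_value(inputs[i]));
    }
    return 0;
}
```

The check `a > (INT_MAX - d) / 10` is equivalent to `a * 10 + d > INT_MAX` without ever computing the overflowing expression, which is what makes the checked variant free of undefined behaviour; the naive variant's output for the last two inputs is whatever the compiler happens to produce and must not be relied on.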
