CVE-2021-3470 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-3470 Interim 1 9 2022-11-09T01:13:07Z current 2021-05-30T14:46:47Z 2022-11-09T01:13:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-3470 A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 redis redis as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc. CVE-2021-3470 SUSE Linux Enterprise Module for Server Applications 15 SP2:redis moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L