[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] ODR violation in Redis Raft

To: Meng Ruijie <ruijie_meng@xxxxxxxxx>
Subject: Re: [FD] ODR violation in Redis Raft
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Wed, 17 Jan 2024 15:39:19 -0500

On Wed, Jan 17, 2024 at 3:29 PM Meng Ruijie <ruijie_meng@xxxxxxxxx> wrote:
>
> [Suggested description]
> Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR 
> violation via the component hiredisAllocFns at 
> /opt/fs/redisraft/deps/hiredis/alloc.c.
>
> [VulnerabilityType Other]
> AddressSanitizer: odr-violation
>
> [Vendor of Product]
> Redis
>
> [Affected Product Code Base]
> raft - master-1b8bd86 to master-7b46079
>
> [Affected Component]
> affected executable
>
> [Attack Type]
> Remote
>
> [Impact Code execution]
> true
>
> [Impact Denial of Service]
> true
>
> [Attack Vectors]
> run redis with redisraft
>
> [Reference]
> https://github.com/RedisLabs/redisraft/issues/600
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> [Discoverer]
> jerrytesting

I fail to see how a One Definition Rule (ODR) violation results in a
Remote Code Execution.

Can you share your PoC, please?

Jeff
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

References:
- [FD] ODR violation in Redis Raft
  - From: Meng Ruijie

Prev by Date: [FD] Minor firefox DoS - semi silently polluting ~/Downloads with files (part 2)
Next by Date: [FD] [SBA-ADV-20200707-01] CVE-2020-36771: CloudLinux CageFS 7.1.1-1 or below Token Disclosure
Previous by thread: [FD] ODR violation in Redis Raft
Next by thread: [FD] Incorrect handshake in TinyDTLS
Index(es):
- Date
- Thread