CVE-2020-7105

7.5 HIGH

📋 TL;DR

hiredis versions through 0.14.0 use the return value of malloc in async.c and dict.c without checking it for NULL. When an allocation fails, the NULL pointer is dereferenced and the process crashes, so any application using hiredis as its Redis client can be taken down by a memory allocation failure (denial of service).

💻 Affected Systems

Products:
  • hiredis
  • Redis clients using hiredis library
  • Applications linking against libhiredis
Versions: All versions through 0.14.0
Operating Systems: Linux, Unix-like systems, Windows (if compiled with vulnerable version)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in async.c and dict.c files where malloc return values are not checked before use.
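The defect class named above, as a constructed illustration that is not hiredis's own code: a dictionary insert that uses an allocation result unchecked beside one that checks each allocation, releases partial state and reports the failure to its caller. The allocator hook (force_alloc_failure, hooked_malloc) and the dict/entry types are assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>
/* Constructed illustration of the unchecked-malloc defect class; not hiredis code.
 * The allocator hook forces the NULL return a real malloc() gives under memory pressure. */
static int force_alloc_failure = 0;
static void *hooked_malloc(size_t n) { return force_alloc_failure ? NULL : malloc(n); }

typedef struct entry { char *key; struct entry *next; } entry;
typedef struct { entry *head; size_t used; } dict;
/* Unsafe pattern: the allocation result is used unchecked, so an allocation
 * failure becomes a NULL pointer dereference and the process crashes. */
int dict_add_unchecked(dict *d, const char *key) {
    entry *e = hooked_malloc(sizeof(*e));
    e->key = hooked_malloc(strlen(key) + 1);   /* writes through NULL if e is NULL */
    memcpy(e->key, key, strlen(key) + 1);
    e->next = d->head;
    d->head = e;
    d->used++;
    return 0;
}

/* Hardened pattern: each allocation is checked, partial state is released and
 * the failure is reported so the caller can degrade instead of crashing. */
int dict_add_checked(dict *d, const char *key) {
    size_t len = strlen(key) + 1;
    entry *e = hooked_malloc(sizeof(*e));
    if (e == NULL) return -1;
    e->key = hooked_malloc(len);
    if (e->key == NULL) { free(e); return -1; }
    memcpy(e->key, key, len);
    e->next = d->head;
    d->head = e;
    d->used++;
    return 0;
}

void dict_free(dict *d) {
    while (d->head) { entry *n = d->head->next; free(d->head->key); free(d->head); d->head = n; }
    d->used = 0;
}

/* Inserts one key with the allocator healthy (0) or forced to fail (1) and
 * returns the checked routine's status: 0 on success, -1 on reported failure. */
int demo_checked_add(int simulate_oom) {
    dict d = { NULL, 0 };
    force_alloc_failure = simulate_oom;
    int rc = dict_add_checked(&d, "redis:key");
    force_alloc_failure = 0;
    dict_free(&d);
    return rc;
}
```

Only the checked routine is exercised under a forced failure; calling dict_add_unchecked in that state reproduces the crash the advisory describes.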

⚠️ Risk & Real-World Impact

🔴

Worst Case

Application crash leading to denial of service, potentially affecting availability of services dependent on Redis connectivity.

🟠

Likely Case

Application instability or crashes under memory pressure conditions when malloc returns NULL.

🟢

If Mitigated

Minimal impact if proper error handling is implemented at application level or memory allocation failures are prevented.

🌐 Internet-Facing: MEDIUM - Exploitable if attackers can trigger memory exhaustion or cause malloc failures through crafted requests.
🏢 Internal Only: MEDIUM - Internal applications could still crash under memory pressure, affecting service availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering memory allocation failures, which may be difficult to achieve reliably in production environments.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.14.1 and later

Vendor Advisory: https://github.com/redis/hiredis/issues/747

Restart Required: Yes

Instructions:

1. Update hiredis to version 0.14.1 or later.
2. Recompile applications linking against libhiredis.
3. Restart affected services.

🔧 Temporary Workarounds

Memory limit enforcement

linux

Set memory limits to prevent malloc failures

ulimit -v [memory_limit_in_kb]
sysctl -w vm.overcommit_memory=2

🧯 If You Can't Patch

  • Implement application-level error handling for Redis connection failures
  • Monitor system memory usage and restart services before memory exhaustion occurs

🔍 How to Verify

Check if Vulnerable:

Check hiredis version: ldd [application] | grep hiredis and verify version <= 0.14.0

Check Version:

pkg-config --modversion hiredis 2>/dev/null || grep -E '^#define HIREDIS_(MAJOR|MINOR|PATCH)' /usr/include/hiredis/hiredis.h

Verify Fix Applied:

Verify the hiredis version is 0.14.1 or later (pkg-config --modversion hiredis, or the HIREDIS_MAJOR/MINOR/PATCH defines in hiredis.h) and confirm with ldd that the running application is linked against the updated library.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault errors in application logs
  • Unexpected Redis client disconnections
  • Memory allocation failure messages

Network Indicators:

  • Sudden drop in Redis connections from affected clients
  • Increased connection timeouts

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "null pointer" OR "malloc failed")
