CVE-2024-55656
📋 TL;DR
An integer overflow vulnerability in RedisBloom's CMS.INITBYDIM command lets an authenticated Redis client cause the module to allocate less heap memory than the requested dimensions require, leading to out-of-bounds read/write operations. This can result in information disclosure and potential heap corruption. Systems running vulnerable RedisBloom module versions are affected.
💻 Affected Systems
- RedisBloom module for Redis
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Heap corruption escalating to arbitrary code execution and complete system compromise.
Likely Case
Information disclosure and denial of service through heap corruption crashes.
If Mitigated
Limited impact if proper network segmentation and authentication controls prevent unauthorized access.
🎯 Exploit Status
Requires authenticated access to Redis and knowledge of RedisBloom commands. The vulnerability is in a specific command (CMS.INITBYDIM) that must be invoked.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.2.19, 2.4.12, 2.6.14, or 2.8.2
Vendor Advisory: https://github.com/RedisBloom/RedisBloom/security/advisories/GHSA-x5rx-rmq3-ff3h
Restart Required: No
Instructions:
1. Update the RedisBloom module to a patched version.
2. Reload the module in Redis using MODULE UNLOAD followed by MODULE LOAD.
3. Verify the new version is active.
🔧 Temporary Workarounds
Disable RedisBloom module
Remove or disable the RedisBloom module if it is not required for functionality.
MODULE UNLOAD RedisBloom
Restrict CMS.INITBYDIM command
Use Redis ACL to block the vulnerable command for untrusted users.
ACL SETUSER <username> -@all +@read +@write -CMS.INITBYDIM
🧯 If You Can't Patch
- Implement strict network access controls to limit Redis access to trusted sources only.
- Use Redis ACL to restrict command execution and ensure strong authentication credentials.
🔍 How to Verify
Check if Vulnerable:
Check RedisBloom module version with: MODULE LIST | grep RedisBloom
Check Version:
MODULE LIST | grep RedisBloom
Verify Fix Applied:
Verify module version shows 2.2.19, 2.4.12, 2.6.14, or 2.8.2 after update.
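The version check above, and the fix-verification step in the instructions, can be scripted so it is not done by eye. The following is an added example written for this page; it is not code from the page's author or from the RedisBloom project. It assumes that RedisBloom registers itself in MODULE LIST under the module name "bf" and reports its version as the integer MAJOR*10000 + MINOR*100 + PATCH (so 2.8.2 appears as 20802); the sample MODULE LIST output is constructed. The patched-release table is taken from the Patch Version line on this page; minor lines not listed there are reported as "unknown" rather than guessed.

```python
import re

# Patched releases per RedisBloom minor line, from the Patch Version line on this page.
PATCHED = {
    (2, 2): (2, 2, 19),
    (2, 4): (2, 4, 12),
    (2, 6): (2, 6, 14),
    (2, 8): (2, 8, 2),
}

# Assumption: RedisBloom registers as module "bf" and reports its version as a
# single integer MAJOR*10000 + MINOR*100 + PATCH (e.g. 20802 for 2.8.2).
MODULE_NAME = "bf"


def decode_version(ver: int) -> tuple:
    """Turn the integer reported by MODULE LIST into a (major, minor, patch) tuple."""
    return (ver // 10000, (ver // 100) % 100, ver % 100)


def parse_module_list(output: str) -> dict:
    """Parse redis-cli MODULE LIST text output into {module name: integer version}.

    redis-cli prints the reply as a numbered nested array of alternating field
    names and values, so a "name" or "ver" line is followed by its value line.
    """
    lines = output.splitlines()
    modules, current = {}, None
    for i, line in enumerate(lines[:-1]):
        value = lines[i + 1]
        if line.rstrip().endswith('"name"'):
            m = re.search(r'"([^"]*)"\s*$', value)
            current = m.group(1) if m else None
        elif line.rstrip().endswith('"ver"') and current is not None:
            m = re.search(r'\(integer\)\s*(\d+)', value)
            if m:
                modules[current] = int(m.group(1))
    return modules


def assess(ver: int) -> str:
    """Classify a RedisBloom version against the fixed release of its minor line."""
    v = decode_version(ver)
    fixed = PATCHED.get(v[:2])
    if fixed is None:
        return "unknown"  # minor line not covered by the list above; consult the advisory
    return "patched" if v >= fixed else "vulnerable"


def check_module_list(output: str) -> str:
    """Return 'not loaded', 'patched', 'vulnerable' or 'unknown' for the RedisBloom module."""
    modules = parse_module_list(output)
    if MODULE_NAME not in modules:
        return "not loaded"
    return assess(modules[MODULE_NAME])


# Constructed sample of redis-cli MODULE LIST output with RedisBloom 2.8.1 loaded.
SAMPLE_OUTPUT = """\
1) 1) "name"
   2) "bf"
   3) "ver"
   4) (integer) 20801
   5) "path"
   6) "/opt/redis/modules/redisbloom.so"
   7) "args"
   8) (empty array)
"""

if __name__ == "__main__":
    print(check_module_list(SAMPLE_OUTPUT))  # vulnerable: 2.8.1 is below 2.8.2
```

Feed it the real output with `redis-cli MODULE LIST` and treat "unknown" as a prompt to read the vendor advisory linked above, not as a pass.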
📡 Detection & Monitoring
Log Indicators:
- Unusual CMS.INITBYDIM commands with large width/depth parameters
- Redis crash logs mentioning heap corruption
Network Indicators:
- CMS.INITBYDIM commands from unexpected sources
- Multiple failed authentication attempts followed by CMS commands
SIEM Query:
source="redis.log" AND (command="CMS.INITBYDIM" OR error="heap")
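The log and network indicators above can be turned into a concrete check over Redis command traffic. The following is an added example written for this page, not code from the page's author or the RedisBloom project. It parses lines in the shape produced by `redis-cli MONITOR` (`<timestamp> [<db> <ip:port>] "CMD" "arg" ...`) and flags CMS.INITBYDIM calls that come from clients outside a trusted address range or whose width/depth fall outside the sizes your applications are expected to request. The trusted prefixes, the thresholds and the sample log lines are all constructed assumptions for the example.

```python
import re

# Shape of a redis-cli MONITOR line: <unix ts> [<db> <ip:port>] "CMD" "arg" ...
MONITOR_RE = re.compile(r'^(?P<ts>\d+\.\d+) \[(?P<db>\d+) (?P<src>[^\]]+)\] (?P<args>.*)$')
ARG_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')

# Policy values assumed for this example; derive them from what your own
# applications legitimately request and which clients may create sketches.
MAX_WIDTH = 1_000_000
MAX_DEPTH = 64
TRUSTED_PREFIXES = ("10.0.0.",)


def parse_monitor_line(line: str):
    """Return (timestamp, source, [args]) for a MONITOR line, or None if it does not match."""
    m = MONITOR_RE.match(line)
    if not m:
        return None
    return m["ts"], m["src"], ARG_RE.findall(m["args"])


def audit_cms_initbydim(lines, max_width=MAX_WIDTH, max_depth=MAX_DEPTH,
                        trusted=TRUSTED_PREFIXES):
    """Flag CMS.INITBYDIM calls from untrusted clients or with unusual dimensions."""
    alerts = []
    for line in lines:
        parsed = parse_monitor_line(line)
        if parsed is None:
            continue
        ts, src, args = parsed
        if not args or args[0].upper() != "CMS.INITBYDIM":
            continue
        reasons = []
        if not src.startswith(trusted):
            reasons.append(f"untrusted source {src}")
        if len(args) != 4:  # expected form: CMS.INITBYDIM key width depth
            reasons.append(f"unexpected arity {len(args)}")
        else:
            try:
                width, depth = int(args[2]), int(args[3])
            except ValueError:
                reasons.append("non-numeric width/depth")
            else:
                if not (0 < width <= max_width) or not (0 < depth <= max_depth):
                    reasons.append(f"unusual dimensions width={width} depth={depth}")
        if reasons:
            alerts.append({"ts": ts, "src": src, "reasons": reasons})
    return alerts


# Constructed MONITOR lines: one normal sketch creation, one unrelated command,
# one oversized request from an outside address, one with a non-numeric width.
SAMPLE_MONITOR = [
    '1700000000.000001 [0 10.0.0.5:43210] "CMS.INITBYDIM" "hits" "2000" "7"',
    '1700000000.000002 [0 10.0.0.5:43210] "CMS.INCRBY" "hits" "page1" "1"',
    '1700000000.000003 [0 203.0.113.7:51000] "CMS.INITBYDIM" "x" "5000000000" "500"',
    '1700000000.000004 [0 10.0.0.9:43211] "CMS.INITBYDIM" "y" "abc" "7"',
]

if __name__ == "__main__":
    for alert in audit_cms_initbydim(SAMPLE_MONITOR):
        print(alert["ts"], alert["src"], "; ".join(alert["reasons"]))
```

MONITOR streams every command and costs throughput on a busy instance, so run this against a short capture or a command log exported from your proxy or SIEM rather than leaving MONITOR attached permanently.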