{
  "document": {
    "aggregate_severity": {
      "text": "High"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/debian10els/vex/2025/cve-2025-46818-els_os-debian10els.json"
      }
    ],
    "tracking": {
      "current_release_date": "2026-06-13T00:07:57Z",
      "generator": {
        "date": "2026-06-13T00:07:57Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2025-46818-ELS_OS-DEBIAN10ELS",
      "initial_release_date": "2025-10-03T19:15:00Z",
      "revision_history": [
        {
          "date": "2025-10-03T19:15:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-13T00:07:57Z",
          "number": "2",
          "summary": "Official Publication"
        }
      ],
      "status": "final",
      "version": "2"
    },
    "title": "Security update on CVE-2025-46818"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Debian 10",
                "product": {
                  "name": "Debian 10",
                  "product_id": "Debian-10",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:debian:debian_linux:10:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Debian"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-5:5.0.14-1+deb10u5.all",
                "product": {
                  "name": "redis-5:5.0.14-1+deb10u5.all",
                  "product_id": "redis-5:5.0.14-1+deb10u5.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/debian/redis@5:5.0.14-1%2Bdeb10u5?arch=all"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "all"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-server-5:5.0.14-1+deb10u5.amd64",
                "product": {
                  "name": "redis-server-5:5.0.14-1+deb10u5.amd64",
                  "product_id": "redis-server-5:5.0.14-1+deb10u5.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/debian/redis-server@5:5.0.14-1%2Bdeb10u5?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-tools-5:5.0.14-1+deb10u5.amd64",
                "product": {
                  "name": "redis-tools-5:5.0.14-1+deb10u5.amd64",
                  "product_id": "redis-tools-5:5.0.14-1+deb10u5.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/debian/redis-tools@5:5.0.14-1%2Bdeb10u5?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-sentinel-5:5.0.14-1+deb10u5.amd64",
                "product": {
                  "name": "redis-sentinel-5:5.0.14-1+deb10u5.amd64",
                  "product_id": "redis-sentinel-5:5.0.14-1+deb10u5.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/debian/redis-sentinel@5:5.0.14-1%2Bdeb10u5?arch=amd64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Software in the Public Interest, Inc."
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
                "product": {
                  "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
                  "product_id": "redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els3?arch=all"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
                "product": {
                  "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
                  "product_id": "redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els2?arch=all"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "all"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                "product": {
                  "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_id": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-server@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els2?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                "product": {
                  "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_id": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-server@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                "product": {
                  "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_id": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-tools@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                "product": {
                  "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_id": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-tools@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els2?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                "product": {
                  "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_id": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-sentinel@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                "product": {
                  "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_id": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/redis-sentinel@5:5.0.14-1%2Bdeb10u5%2Btuxcare.els2?arch=amd64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els3.all as a component of Debian 10",
          "product_id": "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els3.all"
        },
        "product_reference": "redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-5:5.0.14-1+deb10u5.all as a component of Debian 10",
          "product_id": "Debian-10:redis-5:5.0.14-1+deb10u5.all"
        },
        "product_reference": "redis-5:5.0.14-1+deb10u5.all",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-5:5.0.14-1+deb10u5+tuxcare.els2.all as a component of Debian 10",
          "product_id": "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els2.all"
        },
        "product_reference": "redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64"
        },
        "product_reference": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-server-5:5.0.14-1+deb10u5.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-server-5:5.0.14-1+deb10u5.amd64"
        },
        "product_reference": "redis-server-5:5.0.14-1+deb10u5.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64"
        },
        "product_reference": "redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64"
        },
        "product_reference": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-tools-5:5.0.14-1+deb10u5.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-tools-5:5.0.14-1+deb10u5.amd64"
        },
        "product_reference": "redis-tools-5:5.0.14-1+deb10u5.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64"
        },
        "product_reference": "redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64"
        },
        "product_reference": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-sentinel-5:5.0.14-1+deb10u5.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5.amd64"
        },
        "product_reference": "redis-sentinel-5:5.0.14-1+deb10u5.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64 as a component of Debian 10",
          "product_id": "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64"
        },
        "product_reference": "redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
        "relates_to_product_reference": "Debian-10"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-46818",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code ('Code Injection')"
      },
      "notes": [
        {
          "category": "description",
          "text": "Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions of Redis with LUA scripting. This issue is fixed in version 8.2.2. A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing LUA scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
          "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
          "Debian-10:redis-5:5.0.14-1+deb10u5.all",
          "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
          "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
          "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5.amd64",
          "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
          "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
          "Debian-10:redis-server-5:5.0.14-1+deb10u5.amd64",
          "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
          "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
          "Debian-10:redis-tools-5:5.0.14-1+deb10u5.amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2025-46818"
        },
        {
          "category": "external",
          "summary": "https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e",
          "url": "https://github.com/redis/redis/commit/45eac0262028c771b6f5307372814b75f49f7a9e"
        },
        {
          "category": "external",
          "summary": "https://github.com/redis/redis/releases/tag/8.2.2",
          "url": "https://github.com/redis/redis/releases/tag/8.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp",
          "url": "https://github.com/redis/redis/security/advisories/GHSA-qrv7-wcrx-q5jp"
        }
      ],
      "release_date": "2025-10-03T19:15:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "date": "2026-06-12T12:56:30.788755Z",
          "details": "We have opted against issuing a fix for this CVE. On Redis 5.0, the fix for CVE-2025-46818 requires the addition of a custom `lua_enablereadonlytable()` primitive that is not part of upstream Lua 5.1; it touches the fundamental Lua `Table` struct (adding a `readonly` field that changes the memory layout of every Lua table) and the Lua VM hot path in `lvm.c` to insert read-only checks on every table write. Backporting these changes onto Redis 5.0 carries a meaningful risk of subtle correctness and performance regressions across all Lua scripts. Partial backports that only restrict `getfenv` / `setfenv` / `newproxy` leave metatable-manipulation attack vectors open, while removing such metatables outright breaks legitimate idiomatic Lua. Operators who run untrusted Lua scripts on Redis should disable scripting (`scripting-deny-script` / restricted ACL command sets) or upgrade to a Redis line where the fix has been integrated upstream. Note that ACLs were introduced in Redis 6.0, so on the Redis 5.0 packages listed here the script commands would have to be blocked by other means, such as `rename-command` entries for `EVAL` and `EVALSHA` in redis.conf, which disables them for every client; confirm any option name against the configuration reference for the deployed version.",
          "product_ids": [
            "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
            "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
            "Debian-10:redis-5:5.0.14-1+deb10u5.all",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5.amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els2.all",
            "Debian-10:redis-5:5.0.14-1+deb10u5+tuxcare.els3.all",
            "Debian-10:redis-5:5.0.14-1+deb10u5.all",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-sentinel-5:5.0.14-1+deb10u5.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-server-5:5.0.14-1+deb10u5.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els2.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5+tuxcare.els3.amd64",
            "Debian-10:redis-tools-5:5.0.14-1+deb10u5.amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    }
  ]
}