Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes

Tracked as CVE-2025-21605 with a CVSS score of 7.5, this vulnerability affects all Redis versions from 2.6 onward and poses a significant risk to exposed Redis instances. “An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed,” Redis maintainers explained in their security advisory.

The vulnerability stems from a fundamental design issue in Redis’s output buffer management. Each failed authentication attempt generates “NOAUTH” responses that accumulate in the output buffer until the system runs out of memory or crashes. These responses accumulate indefinitely since Redis fails to implement proper output buffer limits.

“Exposure to this vulnerability requires a Redis endpoint to be publicly exposed,” Redis stated in their advisory, emphasizing the importance of proper network security practices when deploying Redis servers. Security researcher @polaris-alioth responsibly disclosed the vulnerability, demonstrating ongoing collaboration between the security community and Redis maintainers.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 24 Apr 2025 11:45:12 +0000


Cyber News related to Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes

Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously - Attackers are using an 8-year-old version of the Redis open-source database server to maliciously use Metasploit's Meterpreter module to expose exploits within a system, potentially allowing for takeover and distribution of a host of other malware. ...
1 year ago Darkreading.com
Hackers Compromised Over 1,200 Redis Database Servers - A new type of malware, designed to target vulnerable Redis servers on the internet, has been spreading rapidly since September 2021. This is a quick-spreading malware, designed to operate stealthily, that has already infiltrated over thousand ...
2 years ago Cybersecuritynews.com
New Migo malware disables protection features on Redis servers - Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. Redis is an in-memory data structure store used as a database, cache, and message broker known ...
1 year ago Bleepingcomputer.com
HeadCrab Malware Compromises Over 1,200 Redis Servers Worldwide New Stealthy Threat Detected - At least 1,200 Redis database servers around the world have been taken over by a dangerous and hard-to-detect threat called HeadCrab since early September 2021. According to Aqua Security researcher Asaf Eitani, this advanced threat actor uses a ...
2 years ago Thehackernews.com
CVE-2021-21309 - Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. ...
2 years ago
Explore Redis for User Session Management on AWS Elasticache - Just as cities use various systems to keep track of their inhabitants and visitors, web applications rely on user session management to maintain a smooth experience for each person navigating through them. User session management is the mechanism by ...
1 year ago Feeds.dzone.com
New HeadCrab Malware Hijacks 1,200 Redis Servers - Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed "HeadCrab", designed to build a botnet that mines Monero cryptocurrency. At least 1,200 servers have been infected by the HeadCrab ...
2 years ago Heimdalsecurity.com
CVE-2022-24735 - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially ...
2 years ago
'Cryptomining Malware Infects 1,200 Redis Servers with HeadCrab Botnet' - A malicious piece of software known as HeadCrab has infiltrated at least 1,200 Redis servers around the world, according to Aqua Security. Redis servers are designed to be used on secure networks and are vulnerable to unauthorized access if exposed ...
2 years ago Securityweek.com
CVE-2021-32675 - Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk ...
1 year ago
HeadCrab Malware Infects 1,200 Redis Servers to Mine Monero Cryptocurrency - A new stealthy malware, HeadCrab, designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021. Discovered by Aqua Security researchers Nitzan Yaakov and Asaf Eitani, the malware has so far ensnared ...
2 years ago Bleepingcomputer.com
CVE-2025-21605 - Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, ...
2 months ago
CVE-2021-32761 - Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis ...
2 years ago
Using IAM Authentication for Redis on AWS - Amazon MemoryDB for Redis has supported username/password-based authentication using Access Control Lists since the very beginning. You can also use IAM-based authentication that allows you to associate IAM users and roles with MemoryDB users so that ...
1 year ago Feeds.dzone.com
Stealthier version of P2Pinfect malware targets MIPS devices - The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS processors, such as routers and IoT devices. Due to their efficiency and compact design, MIPS chips are prevalent in embedded systems like routers, ...
1 year ago Bleepingcomputer.com CVE-2022-0543
CVE-2022-20821 - A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP ...
3 years ago
CVE-2021-32762 - Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a ...
2 years ago
CVE-2023-45145 - Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that ...
1 year ago
CVE-2025-1979 - Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. If the redis password is passed as an argument, it will be logged and could ...
4 months ago
Linux Malware Campaign "Migo" Targets Redis For Cryptomining - Security researchers have uncovered a sophisticated malware campaign targeting Redis, a popular data store system. In particular, Cado Security Labs researchers observed that Migo utilizes new Redis system weakening commands to exploit the data store ...
1 year ago Infosecurity-magazine.com
P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices - The operator behind the growing P2PInfect botnet is turning their focus to Internet of Things and routers running the MIPS chip architecture, expanding their list of targets and offering more evidence that the malware is an experienced threat actor. ...
1 year ago Securityboulevard.com
CVE-2021-32626 - Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result ...
2 years ago
CVE-2022-24736 - Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The ...
2 years ago
CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code - More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.'s Cybersecurity and Infrastructure Security Agency has found. Memory-unsafe means the code allows for operations that can corrupt memory, ...
1 year ago Techrepublic.com
