CVE-2024-31449

HIGH LAB

Redis 2.8.18-6.2.15 - Authenticated Stack-based Buffer Overflow via Lua Bit Library


Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-31449. PoCs published by daeseong1209.

AI-analyzed exploit summary: This repository contains a functional PoC for CVE-2024-31449, a stack buffer overflow in Redis' Lua engine via the `bit.tohex` function. The exploit triggers a crash (DoS) by passing `INT32_MIN` as an argument, causing improper handling of negative values.

Description

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Exploits (1)

nomisec · WORKING PoC
by daeseong1209 · poc
https://github.com/daeseong1209/CVE-2024-31449


Classification
Working PoC 95%
Attack Type
DoS
Complexity
Trivial
Reliability
Reliable
Target: Redis 7.0.4 (and other versions with Lua engine)
No auth needed
Prerequisites: Redis server with Lua scripting enabled
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.0
EPSS 0.0449
EPSS Percentile 90.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Lab Environment

COMMUNITY
Community Lab
docker pull redis@sha256:9bc34afe08ca30ef179404318cdebe6430ceda35a4ebe4b67d10789b17bdf7c4

Details

CWE
CWE-121 CWE-20
Status published
Products (2)
redis/redis 7.4.0 (3 CPE variants)
redis/redis 2.8.18 - 6.2.16
Published Oct 07, 2024
Tracked Since Feb 18, 2026