Description
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
Scores
CVSS v3
3.1
EPSS
0.0009
EPSS Percentile
24.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-191
Status
published
Products (1)
Valkey/Valkey
< 8.1.1
Published
Jun 02, 2025
Tracked Since
Feb 18, 2026