{"id":"UBUNTU-CVE-2026-25243","details":"Redis is an in-memory data structure store. In versions of redis-server prior to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead to remote code execution. A workaround is to restrict access to the RESTORE command with ACL rules. This is patched in version 8.6.3.","modified":"2026-05-20T16:12:25.098220295Z","published":"2026-05-05T17:17:00Z","upstream":["CVE-2026-25243"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-25243"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2026-25243"}],"affected":[{"package":{"name":"redis","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=esm-infra-legacy%2Ftrusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:2.6.13-1","2:2.6.16-3","2:2.8.0-1","2:2.8.2-1","2:2.8.4-2","2:2.8.4-2ubuntu0.2","2:2.8.4-2ubuntu0.2+esm1","2:2.8.4-2ubuntu0.2+esm2","2:2.8.4-2ubuntu0.2+esm3","2:2.8.4-2ubuntu0.2+esm4","2:2.8.4-2ubuntu0.2+esm5"],"ecosystem_specific":{"binaries":[{"binary_name":"redis-server","binary_version":"2:2.8.4-2ubuntu0.2+esm5"},{"binary_name":"redis-tools","binary_version":"2:2.8.4-2ubuntu0.2+esm5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2:3.0.3-3","2:3.0.5-1","2:3.0.5-2","2:3.0.5-3","2:3.0.5-4","2:3.0.6-1","2:3.0.6-1ubuntu0.2","2:3.0.6-1ubuntu0.3","2:3.0.6-1ubuntu0.4","2:3.0.6-1ubuntu0.4+esm1","2:3.0.6-1ubuntu0.4+esm2","2:3.0.6-1ubuntu0.4+esm3","2:3.0.6-1ubuntu0.4+esm4","2:3.0.6-1ubuntu0.4+esm5"],"ecosystem_specific":{"binar
ies":[{"binary_name":"redis-sentinel","binary_version":"2:3.0.6-1ubuntu0.4+esm5"},{"binary_name":"redis-server","binary_version":"2:3.0.6-1ubuntu0.4+esm5"},{"binary_name":"redis-tools","binary_version":"2:3.0.6-1ubuntu0.4+esm5"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4:4.0.1-7","4:4.0.2-6","4:4.0.2-9","5:4.0.5-1","5:4.0.6-1","5:4.0.6-2","5:4.0.7-1","5:4.0.8-1","5:4.0.8-2","5:4.0.9-1","5:4.0.9-1ubuntu0.1","5:4.0.9-1ubuntu0.2","5:4.0.9-1ubuntu0.2+esm2","5:4.0.9-1ubuntu0.2+esm3","5:4.0.9-1ubuntu0.2+esm4","5:4.0.9-1ubuntu0.2+esm5","5:4.0.9-1ubuntu0.2+esm6","5:4.0.9-1ubuntu0.2+esm7"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:4.0.9-1ubuntu0.2+esm7"},{"binary_name":"redis-sentinel","binary_version":"5:4.0.9-1ubuntu0.2+esm7"},{"binary_name":"redis-server","binary_version":"5:4.0.9-1ubuntu0.2+esm7"},{"binary_name":"redis-tools","binary_version":"5:4.0.9-1ubuntu0.2+esm7"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=esm-apps%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5:5.0.5-2build1","5:5.0.6-1","5:5.0.7-1","5:5.0.7-2","5:5.0.7-2ubuntu0.1~esm1","5:5.0.7-2ubuntu0.1","5:5.0.7-2ubuntu0.1+esm1","5:5.0.7-2ubuntu0.1+esm2","5:5.0.7-2ubuntu0.1+esm3","5:5.0.7-2ubuntu0.1+esm4"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:5.0.7-2ubuntu0.1+esm4"},{"binary_name":"redis-sentinel","binary_version":"5:5.0.7-2ubuntu0.1+esm4"},{"binary_name":"redis-server","binary_version":"5:5.0.7-2ubu
ntu0.1+esm4"},{"binary_name":"redis-tools","binary_version":"5:5.0.7-2ubuntu0.1+esm4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5:6.0.15-1","5:6.0.16-1","5:6.0.16-1build1","5:6.0.16-1ubuntu1","5:6.0.16-1ubuntu1+esm1","5:6.0.16-1ubuntu1+esm2","5:6.0.16-1ubuntu1.1","5:6.0.16-1ubuntu1.1+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:6.0.16-1ubuntu1.1+esm1"},{"binary_name":"redis-sentinel","binary_version":"5:6.0.16-1ubuntu1.1+esm1"},{"binary_name":"redis-server","binary_version":"5:6.0.16-1ubuntu1.1+esm1"},{"binary_name":"redis-tools","binary_version":"5:6.0.16-1ubuntu1.1+esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5:7.0.12-1","5:7.0.14-1","5:7.0.14-2","5:7.0.15-1","5:7.0.15-1build1","5:7.0.15-1build2","5:7.0.15-1ubuntu0.24.04.1","5:7.0.15-1ubuntu0.24.04.2","5:7.0.15-1ubuntu0.24.04.3","5:7.0.15-1ubuntu0.24.04.4"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:7.0.15-1ubuntu0.24.04.4"},{"binary_name":"redis-sentinel","binary_version":"5:7.0.15-1ubuntu0.24.04.4"},{"binary_name":"redis-server","binary_version":"5:7.0.15-1ubuntu0.24.04.4"},{"binary_name":"redis-tools","binary_version":"5:7.0.15-1ubuntu0.24.04.4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/
redis?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5:7.0.15-3","5:7.0.15-3.1","5:8.0.2-3","5:8.0.2-3build1","5:8.0.2-3ubuntu0.25.10.1"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:8.0.2-3ubuntu0.25.10.1"},{"binary_name":"redis-sentinel","binary_version":"5:8.0.2-3ubuntu0.25.10.1"},{"binary_name":"redis-server","binary_version":"5:8.0.2-3ubuntu0.25.10.1"},{"binary_name":"redis-tools","binary_version":"5:8.0.2-3ubuntu0.25.10.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}},{"package":{"name":"redis","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/redis?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5:8.0.2-3build1","5:8.0.2-3ubuntu0.25.10.1","5:8.0.5-1"],"ecosystem_specific":{"binaries":[{"binary_name":"redis","binary_version":"5:8.0.5-1"},{"binary_name":"redis-sentinel","binary_version":"5:8.0.5-1"},{"binary_name":"redis-server","binary_version":"5:8.0.5-1"},{"binary_name":"redis-tools","binary_version":"5:8.0.5-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25243.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}