A new proof-of-concept exploit has been released for three severe vulnerabilities in the Lua scripting engine used by Redis 7.4.5.
Security researchers discovered that attackers can trigger remote code execution and privilege escalation by abusing flaws in the Lua parser, the unpack() function, and the protection of basic type metatables.
These issues pose a direct threat to systems that allow untrusted scripts via the EVAL command and demand immediate patching.
During a routine audit of Redis 7.4.5, three critical flaws were found in the Lua engine. The first, CVE-2025-49844, involves a use-after-free defect in the Lua parser.
When parsing scripts, the engine allocates a TString object without safeguarding it on the stack.
A garbage collection cycle can free this object too soon, allowing an attacker to overwrite memory and execute arbitrary code.
The second flaw, CVE-2025-46817, stems from an integer overflow in the unpack() function. By supplying extreme index values, an attacker can corrupt the Lua stack and hijack control flow.
The third, CVE-2025-46818, concerns privilege escalation through metatable modification. Core type metatables for strings, numbers, and other primitives are mutable and can be altered to inject malicious code that runs in other users’ contexts.
Technical Details
The use-after-free issue occurs at line 387 in deps/lua/src/lparser.c. The raw parser code calls luaS_new(L, name) but fails to push the result onto the Lua stack, leaving it unprotected.
In contrast, the patched version uses setsvalue2s(L, L->top, tname) and incr_top(L) before parsing to guard the new string.
The integer overflow vulnerability in deps/lua/src/lbaselib.c miscalculates element count as n = e – i + 1, which overflows when e is very large.
This error leads to writing beyond stack bounds. For the metatable issue, files src/script_lua.c and src/eval.c lacked checks to prevent writes to basic type metatables, enabling unauthorized code injection.
Below is a concise table summarizing these vulnerabilities:
| CVE | Vulnerability | Impact | Exploit Prerequisites | CVSS 3.1 Score |
| CVE-2025-49844 | Use-After-Free in Lua Parser | Remote Code Execution | EVAL access | 9.8 |
| CVE-2025-46817 | Integer Overflow in unpack() | Remote Code Execution | EVAL access | 9.8 |
| CVE-2025-46818 | Metatable Privilege Escalation | Privilege Escalation | EVAL access | 9.8 |
PoC and Mitigation
A complete Python PoC tests all three flaws against a live Redis server. For example, the use-after-free test fills Lua memory to force garbage collection during parsing:
# Step 1: Create memory pressure
for i in range(50):
huge_script = "local t={}; " + ";".join([f"t[{j}]=string.rep('X',10000)" for j in range(50)]) + "; return 'ok'"
client.eval(huge_script, 0)
# Step 2: Trigger GC during parse
client.eval("collectgarbage('collect'); return 'gc'", 0)The unpack() overflow check uses scripts like return {unpack({1,2,3}, -2, 2147483647)} to detect errors, while metatable protection is confirmed by attempts to modify a nil metatable.
Organizations should upgrade to Redis 7.4.6 or later, where patches include stack protection in the parser, bounds checks in unpack(), and readonly enforcement on basic metatables.
Applying these updates will close the attack surface and restore script isolation. Continuous monitoring for unexpected EVAL activity and strict access controls are also recommended to reduce risk.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.
