{"id":"CVE-2025-49112","details":"setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-\u003esize - prev-\u003eused.","aliases":["BIT-keydb-2025-49112","BIT-redis-2025-49112","BIT-valkey-2025-49112"],"modified":"2026-03-23T05:00:54.760179Z","published":"2025-06-02T05:15:21.277Z","related":["CGA-f56x-v54x-cg4w","SUSE-SU-2025:01942-1","SUSE-SU-2025:02231-1","openSUSE-SU-2025:15306-1"],"references":[{"type":"WEB","url":"https://github.com/redis/redis/blob/994bc96bb1744cb153392fc96bdba43eae56e17f/src/networking.c#L783"},{"type":"WEB","url":"https://github.com/valkey-io/valkey/blob/daea05b1e26db29bfd1c033e27f9d519a2f8ccbb/src/networking.c#L886"},{"type":"FIX","url":"https://github.com/valkey-io/valkey/pull/2101"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/valkey-io/valkey","events":[{"introduced":"0"},{"last_affected":"fcd8bc3ee40f5d7841b7d5a8f3cd12252fec14e4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.1.1"}]}}],"versions":["8.1.0","8.1.0-rc1","8.1.0-rc2","8.1.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49112.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}