Google Big Sleep reports:
A user can run the XACKDEL command with multiple IDs and
trigger a stack buffer overflow, which may potentially lead to
remote code execution.
The problem exists in Redis 8.2 or newer.
The code doesn't handle the case where the number of IDs exceeds
the STREAMID_STATIC_VECTOR_LEN, and skips a reallocation, which
leads to a stack buffer overflow.
An additional workaround to mitigate the problem without patching
the redis-server executable is to prevent users from executing
the XACKDEL operation. This can be done using ACL to restrict the
XACKDEL command.
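
The pattern behind the report, a fixed-size stack array for IDs with a heap fallback once the count exceeds STREAMID_STATIC_VECTOR_LEN, is shown below as an added illustration; it is not Redis source code. The value 8, the `stream_id` type, and the `parse_id` and `collect_ids` functions are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define STREAMID_STATIC_VECTOR_LEN 8 /* assumed value, for illustration only */

typedef struct { uint64_t ms, seq; } stream_id; /* simplified stand-in type */

/* Parse "ms-seq" (digits only); returns 1 on success, 0 on malformed input. */
static int parse_id(const char *s, stream_id *out) {
    char *end;
    if (*s < '0' || *s > '9') return 0;
    out->ms = strtoull(s, &end, 10);
    if (*end != '-' || end[1] < '0' || end[1] > '9') return 0;
    out->seq = strtoull(end + 1, &end, 10);
    return *end == '\0';
}

/* Hypothetical handler: parses n IDs, returns how many were stored or -1.
 * *used_heap reports which buffer was chosen. */
long collect_ids(const char **argv, long n, int *used_heap) {
    stream_id static_ids[STREAMID_STATIC_VECTOR_LEN];
    stream_id *ids = static_ids;
    *used_heap = 0;
    if (n <= 0 || (uint64_t)n > SIZE_MAX / sizeof(*ids)) return -1;
    /* The stack array only holds STREAMID_STATIC_VECTOR_LEN entries; larger
     * counts must move to a bigger allocation, the step the report says was skipped. */
    if (n > STREAMID_STATIC_VECTOR_LEN) {
        ids = malloc(sizeof(*ids) * (size_t)n);
        if (ids == NULL) return -1;
        *used_heap = 1;
    }
    long stored = 0;
    for (long i = 0; i < n; i++) {
        if (!parse_id(argv[i], &ids[i])) { stored = -1; break; }
        stored++;
    }
    if (ids != static_ids) free(ids);
    return stored;
}

int main(void) {
    const char *args[12];
    int heap;
    for (int i = 0; i < 12; i++) args[i] = "1700000000000-0"; /* constructed IDs */
    long r = collect_ids(args, 12, &heap);
    printf("12 ids -> stored=%ld heap=%d\n", r, heap);
    return 0;
}
```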