CVE-2018-1000127

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1000127

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000127.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1000127

Related

Published

2018-03-13T21:29:00Z

Modified

2024-09-11T04:21:24.992535Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

References

Affected packages

Debian:11 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / memcached

Package

Name: memcached
Purl: pkg:deb/debian/memcached?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/memcached/memcached

Affected ranges

Type: GIT
Repo: https://github.com/memcached/memcached
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00

Affected versions

1.*

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.3.2

1.3.3

1.4-rc1

1.4.0

1.4.0-rc1

1.4.1

1.4.1-rc1

1.4.10

1.4.11

1.4.11-beta1

1.4.11-rc1

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.2-rc1

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.3-rc1

1.4.3-rc2

1.4.30

1.4.31

1.4.32

1.4.33

1.4.34

1.4.35

1.4.36

1.4.4

1.4.5

1.4.6

1.4.6-rc1

1.4.7

1.4.7-rc1

1.4.8

1.4.8-rc1

1.4.9