CVE-2018-1000127 — Integer Overflow or Wraparound in Memcached

CWE-190 — Integer Overflow or Wraparound CWE-667 — Improper Locking9 documents8 sources

Severity

7.5HIGHNVD

EPSS

1.0%

top 22.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Memcached Canonical Ubuntu Linux Debian Linux +1 more

Timeline

PublishedMar 13

Latest updateMay 13

Description

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDmemcached/memcached< 1.4.37

▶Debianmemcached/memcached< 1.5.0-1+3

▶NVDredhat/openstack10

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 17.10

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-xfxv-84p3-w8rg: memcached version prior to 1↗2022-05-13

▶

OSV

CVE-2018-1000127: memcached version prior to 1↗2018-03-13

▶

CVEList

CVE-2018-1000127: memcached version prior to 1↗2018-03-13

▶

📋Vendor Advisories

Ubuntu

Memcached vulnerability↗2018-03-19

▶

Debian

CVE-2018-1000127: memcached - memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in ...↗2018

▶

Red Hat

memcached: Integer Overflow in items.c:item_free()↗2017-04-27

▶

💬Community

Bugzilla

CVE-2018-1000127 memcached: Integer Overflow in items.c:item_free() [openstack-rdo]↗2018-03-13

▶

Bugzilla

CVE-2018-1000127 memcached: Integer Overflow in items.c:item_free()↗2018-03-13

▶