Описание
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
Отчет
The vulnerable code is not present in the versions of memcached as shipped in Red Hat Enterprise Linux 6 and 7, so they are not affected by this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | memcached | Not affected | ||
| Red Hat Enterprise Linux 7 | memcached | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | memcached | Will not fix | ||
| Red Hat OpenStack Platform 14 (Rocky) | memcached | Affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) | memcached | Not affected | ||
| Red Hat Enterprise Linux 8 | memcached | Fixed | RHSA-2020:1576 | 28.04.2020 |
| Red Hat OpenStack Platform 13.0 (Queens) | memcached | Fixed | RHSA-2020:5583 | 16.12.2020 |
| Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS | memcached | Fixed | RHSA-2020:5583 | 16.12.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
In memcached before 1.5.14, a NULL pointer dereference was found in th ...
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
EPSS
7.5 High
CVSS3