Описание
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
Отчет
The versions of memcached shipped with Red Hat Enterprise Linux 5 to 7 are not affected by this issue as it doesn't contain the vulnerable source code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | memcached | Not affected | ||
| Red Hat Enterprise Linux 7 | memcached | Not affected | ||
| Red Hat Enterprise Linux 8 | memcached | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) | memcached | Will not fix | ||
| Red Hat OpenStack Platform 13 (Queens) | memcached | Will not fix | ||
| Red Hat OpenStack Platform 14 (Rocky) | memcached | Out of support scope |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer ...
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
Уязвимость программного средства кэширования данных memcached, связанная с переполнением буфера на основе стека , позволяющая нарушителю вызвать отказ в обслуживании
5.3 Medium
CVSS3