Description
memcached versions prior to 1.4.37 contain an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in the hash table being reused from the free list. This attack appears to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.
References (7)
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2290
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/03/msg00031.html
Patch, Third Party Advisory x_refsource_confirm
https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3601-1/
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2018/dsa-4218
Release Notes, Third Party Advisory x_refsource_confirm
https://github.com/memcached/memcached/wiki/ReleaseNotes1437
Third Party Advisory x_refsource_confirm
https://github.com/memcached/memcached/issues/271
Scores
CVSS v3
7.5
EPSS
0.0100
EPSS Percentile
77.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-190
CWE-667
Status
published
Products (8)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.10
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
memcached/memcached < 1.4.37
redhat/openstack 10
Published
Mar 13, 2018
Tracked Since
Feb 18, 2026