CVE-2017-9951
First published: Mon Jul 17 2017(Updated: )
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/memcached | <=1.4.21-1.1+deb8u1<=1.4.21-1.1<=1.4.33-1 | 1.5.0-1 1.4.33-1+deb9u1 1.4.21-1.1+deb8u2 |
| Memcached Memcached | <=1.4.38 | |
| ubuntu/memcached | <1.4.33-1ubuntu3.2 | 1.4.33-1ubuntu3.2 |
| ubuntu/memcached | <1.4.14-0ubuntu9.2 | 1.4.14-0ubuntu9.2 |
| ubuntu/memcached | <1.4.39 | 1.4.39 |
| ubuntu/memcached | <1.4.25-2ubuntu1.3 | 1.4.25-2ubuntu1.3 |
| debian/memcached | 1.6.9+dfsg-1 1.6.18-1 1.6.29-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2017-9951
- https://security-tracker.debian.org/tracker/CVE-2016-8705
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9951
- https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#upload-stable
- https://security-tracker.debian.org/tracker/CVE-2018-1000115
- https://security-tracker.debian.org/tracker/CVE-2018-1000127
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868701
- http://www.securityfocus.com/bid/99874
- https://github.com/memcached/memcached/wiki/ReleaseNotes1439
- https://groups.google.com/forum/message/raw?msg=memcached/ubGWrkmrr4E/nrm1SeVJAQAJ
- https://usn.ubuntu.com/3588-1/
- https://www.debian.org/security/2018/dsa-4218
- https://www.twistlock.com/2017/07/13/cve-2017-9951-heap-overflow-memcached-server-1-4-38-twistlock-vulnerability-report/
- https://launchpad.net/bugs/cve/CVE-2017-9951
- https://github.com/memcached/memcached/commit/328629445c71e6c17074f6e9e0e3ef585b58f167
- https://ubuntu.com/security/notices/USN-3588-1
- https://www.cve.org/CVERecord?id=CVE-2017-9951
- https://nvd.nist.gov/vuln/detail/CVE-2017-9951
- https://ubuntu.com/security/CVE-2017-9951
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-9951.
What is the severity of CVE-2017-9951?
The severity of CVE-2017-9951 is high with a severity value of 7.5.
How does CVE-2017-9951 allow remote attackers to cause a denial of service?
CVE-2017-9951 allows remote attackers to cause a denial of service by triggering a heap-based buffer over-read through a request to add/set a key.
Which versions of memcached are affected by CVE-2017-9951?
Versions before 1.4.39 of memcached are affected by CVE-2017-9951.
How can I fix CVE-2017-9951?
To fix CVE-2017-9951, update memcached to version 1.4.39 or later.
- collector/debian-bugs
- alias/CVE-2017-9951
- collector/nvd-index
- agent/type
- agent/last-modified-date
- collector/launchpad-cve
- source/Launchpad
- agent/first-publish-date
- agent/author
- agent/remedy
- agent/severity
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/event
- agent/description
- collector/usn-cve
- source/Ubuntu
- agent/tags
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- package-manager/debian
- vendor/memcached
- canonical/memcached memcached
- version/memcached memcached/1.4.38
- package-manager/ubuntu