Vulnerability Name:

CVE-2018-1000127 (CCN-140413)

Assigned: 2017-04-28
Published: 2017-04-28
Updated: 2020-08-24
Summary: memcached versions prior to 1.4.37 contain an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in the hash table being reused from the free list. This attack appears to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-190
CWE-667
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2018-1000127

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2290

Source: XF
Type: UNKNOWN
memcached-cve20181000127-dos(140413)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/memcached/memcached/commit/a8c4a82787b8b6c256d61bd5c42fb7f92d1bae00

Source: CCN
Type: Memcached GIT Repository
Memcached gets a dead loop in func assoc_find #271

Source: CONFIRM
Type: Third Party Advisory
https://github.com/memcached/memcached/issues/271

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/memcached/memcached/wiki/ReleaseNotes1437

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180329 [SECURITY] [DLA 1329-1] memcached security update

Source: UBUNTU
Type: Third Party Advisory
USN-3601-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4218

Vulnerable Configuration:
  • Configuration 1:
  • cpe:/a:memcached:memcached:*:*:*:*:*:*:*:* (Version < 1.4.37)

  • Configuration 2:
  • cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:redhat:openstack:10:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:memcached:memcached:1.4.36:*:*:*:*:*:*:*

* Denotes that component is vulnerable

OVAL Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:607 | P | Security update for gstreamer-plugins-base (Moderate) (in QA) | 2022-09-12
oval:org.opensuse.security:def:20181000127 | V | CVE-2018-1000127 | 2022-09-02
oval:org.opensuse.security:def:3507 | P | gnutls-3.3.27-3.3.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:1526 | P | Security update for php7 (Important) | 2022-06-24
oval:org.opensuse.security:def:95137 | P | memcached-1.5.6-4.7.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94229 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:1058 | P | Security update for MozillaFirefox (Important) | 2022-04-07
oval:org.opensuse.security:def:1580 | P | Security update for python2-numpy (Moderate) | 2022-03-31
oval:org.opensuse.security:def:112978 | P | memcached-1.6.9-2.3 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:68080 | P | Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP1) (Important) | 2021-11-17
oval:org.opensuse.security:def:1642 | P | Security update for qemu (Important) | 2021-11-03
oval:org.opensuse.security:def:106425 | P | memcached-1.6.9-2.3 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:63225 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:103715 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:97025 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71320 | P | libsystemd0-234-24.25.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:90060 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:2136 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:66898 | P | Security update for openexr (Important) | 2021-08-20
oval:org.opensuse.security:def:48226 | P | libxerces-c-3_1-3.1.1-12.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47715 | P | libgypsy0-0.9-6.22 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47525 | P | w3m-0.5.3.git20161120-160.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48040 | P | gzip-1.10-2.12 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47540 | P | yast2-core-3.2.2-1.29 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48280 | P | python-cryptography-1.3.1-7.13.4 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47854 | P | perl-XML-LibXML-2.0019-6.3.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47579 | P | cpp48-4.8.5-31.17.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48078 | P | libXfont2-2-2.0.3-1.19 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47594 | P | dnsmasq-2.78-18.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47908 | P | ucode-intel-20180807a-13.35.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47526 | P | wget-1.14-20.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48132 | P | libjavascriptcoregtk-4_0-18-2.24.4-2.47.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47661 | P | lftp-4.7.4-3.3.20 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47986 | P | cvs-1.12.12-182.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47580 | P | cracklib-2.9.0-7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:101383 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:2268 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63357 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:1004 | P | grub2-2.04-20.4 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:100942 | P | libnghttp2-14-1.40.0-3.5.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:64733 | P | Security update for the Linux Kernel (Important) | 2021-07-20
oval:org.opensuse.security:def:70254 | P | Security update for dbus-1 (Important) | 2021-06-30
oval:org.opensuse.security:def:48736 | P | libjavascriptcoregtk-1_0-0-2.4.8-16.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48524 | P | libmspack0-0.4-14.4 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48651 | P | xinetd-2.3.15-7.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48753 | P | pidgin-otr-4.0.0-6.18 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48578 | P | mozilla-nspr-4.12-15.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48705 | P | rhythmbox-3.0.2-1.92 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48440 | P | gv-3.7.4-1.36 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48807 | P | libvirt-client-32bit-2.0.0-26.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48586 | P | opie-2.4-724.56 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48682 | P | libgadu3-1.11.4-1.12 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48494 | P | libgc1-7.2d-3.75 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48640 | P | update-alternatives-1.18.4-14.216 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:66806 | P | Security update for polkit (Important) | 2021-06-03
oval:org.opensuse.security:def:67980 | P | Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important) | 2021-04-28
oval:org.opensuse.security:def:73589 | P | Security update for spamassassin (Important) | 2021-04-13
oval:org.opensuse.security:def:64646 | P | Security update for jasper (Important) | 2021-02-16
oval:org.opensuse.security:def:117166 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2198 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:71433 | P | amavisd-new-2.11.1-6.3.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63287 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107608 | P | memcached-1.5.6-4.5.30 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2082 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63171 | P | memcached-1.5.6-2.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:70149 | P | binutils-devel-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50083 | P | memcached on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73471 | P | rtkit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49913 | P | libsamba-policy0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49967 | P | memcached on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50021 | P | memcached on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50029 | P | rarpd on GA media (Moderate) | 2020-12-01
oval:com.ubuntu.artful:def:20181000127000 | V | CVE-2018-1000127 on Ubuntu 17.10 (artful) - medium. | 2018-03-13
oval:com.ubuntu.xenial:def:201810001270000000 | V | CVE-2018-1000127 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-03-13
oval:com.ubuntu.trusty:def:20181000127000 | V | CVE-2018-1000127 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-03-13
oval:com.ubuntu.xenial:def:20181000127000 | V | CVE-2018-1000127 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-03-13