Memcached vulnerabilities

2023-11-1300:00:00

ubuntu.com

memcached

ubuntu

vulnerabilities

denial of service

arbitrary code

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

Releases

Ubuntu 23.10
Ubuntu 23.04
Ubuntu 22.04 LTS

Packages

memcached - High-performance in-memory object caching system

Details

It was discovered that Memcached incorrectly handled certain multiget
requests in proxy mode. A remote attacker could use this issue to cause
Memcached to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2023-46852)

It was discovered that Memcached incorrectly handled certain proxy requests
in proxy mode. A remote attacker could use this issue to cause Memcached to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2023-46853)

OSVersionArchitecturePackageVersionFilename
Ubuntu23.10noarchmemcached< 1.6.21-1ubuntu0.23.10.1UNKNOWN
Ubuntu23.10noarchmemcached-dbgsym< 1.6.21-1ubuntu0.23.10.1UNKNOWN
Ubuntu23.04noarchmemcached< 1.6.18-1ubuntu0.1UNKNOWN
Ubuntu23.04noarchmemcached-dbgsym< 1.6.18-1ubuntu0.1UNKNOWN
Ubuntu22.04noarchmemcached< 1.6.14-1ubuntu0.1UNKNOWN
Ubuntu22.04noarchmemcached-dbgsym< 1.6.14-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	23.10	noarch	memcached	< 1.6.21-1ubuntu0.23.10.1	UNKNOWN
Ubuntu	23.10	noarch	memcached-dbgsym	< 1.6.21-1ubuntu0.23.10.1	UNKNOWN
Ubuntu	23.04	noarch	memcached	< 1.6.18-1ubuntu0.1	UNKNOWN
Ubuntu	23.04	noarch	memcached-dbgsym	< 1.6.18-1ubuntu0.1	UNKNOWN
Ubuntu	22.04	noarch	memcached	< 1.6.14-1ubuntu0.1	UNKNOWN
Ubuntu	22.04	noarch	memcached-dbgsym	< 1.6.14-1ubuntu0.1	UNKNOWN