CVE-2017-9951

Priority
Low
Description
The try_read_command function in memcached.c in memcached before 1.4.39
allows remote attackers to cause a denial of service (segmentation fault)
via a request to add/set a key, which makes a comparison between signed and
unsigned int and triggers a heap-based buffer over-read. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2016-8705.
Ubuntu-Description
Daniel Shapira discovered an integer overflow issue in Memcached. A
remote attacker could use this to cause a denial of service (daemon
crash).
Package
Upstream: released (1.4.39)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): released (1.4.14-0ubuntu9.2)
Ubuntu 16.04 LTS (Xenial Xerus): released (1.4.25-2ubuntu1.3)
Ubuntu 17.10 (Artful Aardvark): released (1.4.33-1ubuntu3.2)
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (1.5.4-1ubuntu1)
Patches:
Upstream: https://github.com/memcached/memcached/commit/328629445c71e6c17074f6e9e0e3ef585b58f167

Updated: 2018-06-26 05:02:57 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)