CVE-2019-11596 (retired)

Priority
Description
In memcached before 1.5.14, a NULL pointer dereference was found in the
"lru mode" and "lru temp_ttl" commands. This causes a denial of service
when parsing crafted lru command messages in process_lru_command in
memcached.c.
Assigned-to
mdeslaur
Package
Upstream:released (1.5.14)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.5.6-0ubuntu1.1)
Ubuntu 18.10 (Cosmic Cuttlefish):released (1.5.10-0ubuntu1.18.10.1)
Ubuntu 19.04 (Disco Dingo):released (1.5.10-0ubuntu1.19.04.1)
Ubuntu 19.10 (Eoan):released (1.5.10-0ubuntu2)
Patches:
Upstream:https://github.com/memcached/memcached/commit/d35334f368817a77a6bd1f33c6a5676b2c402c02
More Information

Updated: 2019-05-01 14:14:57 UTC (commit cfa8fe26c148689d08dac011ec02bd55beb6b268)