Bug 516489 (CVE-2009-2415) - CVE-2009-2415 memcached: heap-based buffer overflow
Summary: CVE-2009-2415 memcached: heap-based buffer overflow
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2009-2415
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 542057 542058
Blocks:
Reported: 2009-08-10 07:53 UTC by Tomas Hoger
Modified: 2012-02-07 06:06 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2012-02-07 06:06:13 UTC
Embargoed:


Attachments
Debian patch for 1.2.2 (from DSA-1853-1) (1.68 KB, patch)
2009-08-10 07:54 UTC, Tomas Hoger

Description Tomas Hoger 2009-08-10 07:53:24 UTC
Debian has released a security advisory DSA-1853 for memcached:

  Ronald Volgers discovered that memcached, a high-performance memory object
  caching system, is vulnerable to several heap-based buffer overflows due
  to integer conversions when parsing certain length attributes. An attacker
  can use this to execute arbitrary code on the system running memcached (on
  etch with root privileges).

  http://www.debian.org/security/2009/dsa-1853

An attacker needs to have access to memcached's port. Additionally, memcached is run under a dedicated non-privileged user on Fedora.
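
The bug class named in the advisory quoted above (an integer conversion on a parsed length attribute), shown as an added C example of the flawed pattern beside a hardened parser. It is not memcached's code or the Debian patch; `MAX_ITEM`, the two-byte `"\r\n"` suffix and all function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ITEM 1048576L /* assumed per-item size cap, not a memcached constant */

/* Flawed pattern: result narrowed to int, only the upper bound is checked. */
static bool naive_accepts(const char *tok, int *out)
{
    int len = (int)strtol(tok, NULL, 10); /* no error or sign check */
    if (len > MAX_ITEM)
        return false;
    *out = len;
    return true;
}

/* Sizes two later code paths derive from the same accepted int. */
static size_t alloc_size(int len) { return (size_t)(len + 2); } /* data + "\r\n" */
static size_t copy_size(int len) { return (size_t)len; }        /* size_t parameter */

/* Hardened parser: whole token must be a decimal number in [0, MAX_ITEM]. */
static bool parse_length(const char *tok, size_t *out)
{
    char *end;
    errno = 0;
    long v = strtol(tok, &end, 10);
    if (end == tok || *end != '\0') /* empty token or trailing junk */
        return false;
    if (errno == ERANGE || v < 0 || v > MAX_ITEM)
        return false;
    *out = (size_t)v;
    return true;
}

int main(void)
{
    const char *tok = "-1"; /* constructed input */
    int n = 0;
    size_t safe = 0;
    if (naive_accepts(tok, &n))
        printf("naive: accepted %d, alloc %zu bytes, copy %zu bytes\n",
               n, alloc_size(n), copy_size(n));
    printf("hardened: %s\n", parse_length(tok, &safe) ? "accepted" : "rejected");
    return 0;
}
```

The naive path accepts the negative value and derives a tiny allocation size and an enormous copy size from it, which is the mismatch a range check on the parsed value removes.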

Comment 1 Tomas Hoger 2009-08-10 07:54:22 UTC
Created attachment 356858
Debian patch for 1.2.2 (from DSA-1853-1)

Patch extracted from Debian update for 1.2.2.

Upstream fix for 1.2.8 should be this:
  http://consoleninja.net/code/memcached/memcached-1.2.8_proper_vlen_fix.patch

Comment 2 Paul Lindner 2009-08-12 06:37:20 UTC
dormando will create a 1.2.9 that contains 1.2.8+this patch

I'll spin out a new 1.2.9 version.

Comment 3 Vincent Danen 2009-11-28 04:16:14 UTC
I'm assuming that 1.4.0 has this fix since 1.2.9 was supposed to have this fix (hard to tell since the ChangeLog file is not up to date).  However, Fedora 10 and 11 still have the 1.2.8 version.  Where is the 1.2.9 version promised in comment #2?

Comment 5 Fedora Update System 2009-12-11 18:27:07 UTC
memcached-1.2.8-2.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
