Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-22570: NULL pointer reference conduct DoS · Issue #636 · memcached/memcached

Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.

CVE
#dos#memcached

memcached maintainer,

I found a NULL pointer reference bug in code of memcached, which could conduct DoS by remote artificial command.

The affected memcached version: >1.6.0.

The bug location is at file: memcached.c, detailed information as the following:

In the function "process_mget_command", the local variable “errstr” is defined as a char*, which is not initialized.

In certain condition, the function “_meta_flag_preparse” is called in "process_mget_command", and the address of “errstr” is the 4th param.
In the function "_meta_flag_preparse", there is chances that the “*errstr” is not initialized while command is “F” or "S".

then, out_errstring->out_string->strlen referencing a NULL pointer, conduct a crash.

BR
Zhibin

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907