Ubuntu has issued an advisory on May 1: https://usn.ubuntu.com/3963-1/ The issue is fixed upstream in 1.5.14. Mageia 6 and Mageia 7 are also affected.
Whiteboard: (none) => MGA7TOO, MGA6TOO
Assigning to our registered memcached maintainer.
CC: (none) => marja11Assignee: bugsquad => mageia
Updated memcached packages fix security vulnerabilities: In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11596 https://usn.ubuntu.com/usn/usn-3963-1 ======================== Updated packages in core/updates_testing: ======================== mga6: memcached-1.5.16-1.mga6 memcached-devel-1.5.16-1.mga6 memcached-debuginfo-1.5.16-1.mga6 mga7: memcached-1.5.16-1.mga7 memcached-devel-1.5.16-1.mga7 memcached-debugsource-1.5.16-1.mga7 memcached-debuginfo-1.5.16-1.mga7 Source RPMs: memcached-1.5.16-1.mga6.src.rpm memcached-1.5.16-1.mga7.src.rpm
Assignee: mageia => qa-bugs
Version: Cauldron => 7Whiteboard: MGA7TOO, MGA6TOO => MGA6TOOCC: (none) => mageia
mga7, x86_64 Installed memcached and netcat. Reproducer: CVE-2019-11596 https://github.com/memcached/memcached/issues/474 Started memcached in a terminal then in another issued this command: $ echo -n "bHJ1IG1vZGUKb7G0AGxydWRl6gdtTk9UXw==" | base64 -d | nc 127.0.0.1 11211 $ memcached Segmentation fault (core dumped) $ urpmq --whatrequires memcached memcached memcached-devel sogo Installed sogo and researched it online. It is a groupware server so this goes no further. Using the PoC as the sole test of this package. Ran the update, ignoring the debug packages. $ rpm -qa | grep memcached memcached-1.5.16-1.mga7 lib64memcached11-1.0.18-5.mga7 memcached-devel-1.5.16-1.mga7 Started memcached in a terminal. In another terminal: $ echo -n "bHJ1IG1vZGUKb7G0AGxydWRl6gdtTk9UXw==" | base64 -d | nc 127.0.0.1 11211 ERROR Ctrl-C $ memcached continued running. Clean update and evidence that the patch works.
Whiteboard: MGA6TOO => MGA6TOO MGA7-64-OKCC: (none) => tarazed25
mga6, x86_64 Installed memcached and memcached-devel. Executed the PoC exactly as in comment 3 with the expected result - memcached segfaulted. After the update the PoC generated an ERROR message at the client end and memcached continued running. $ rpm -qa | grep memcached memcached-devel-1.5.16-1.mga6 memcached-1.5.16-1.mga6 Good for 64bits.
Whiteboard: MGA6TOO MGA7-64-OK => MGA6TOO MGA7-64-OK MGA6-64-OK
Keywords: (none) => advisory, validated_updateCC: (none) => tmb, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0232.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED