UBUNTU-CVE-2018-1000127

Advisory lineage Upstream: 1 Downstream: 1
Downstream
USN-3601-1
Published: 13 Mar 2018, 00:00
Last modified:04 Feb 2026, 02:31

Vulnerability Summary

Overall Risk (default)
medium
30/100
CVSS Score
7.5 HIGH
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

13 Mar 2018, 00:00
Published
Vulnerability first disclosed
04 Feb 2026, 02:31
Last Modified
Vulnerability information updated

Description

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.

CVSS Metrics

  • v3.0HIGHScore: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

  • ubuntumemcached

    < 1.4.14-0ubuntu9.3 | < 1.4.25-2ubuntu1.4

References (4)