Security
Security
Multiple vulnerabilities have been found in memcached which could lead to the remote execution of arbitrary code.
| Package | net-misc/memcached on all architectures |
|---|---|
| Affected versions | < 1.4.33 |
| Unaffected versions | >= 1.4.33 |
memcached is a high-performance, distributed memory object caching system
Multiple integer overflow vulnerabilities were discovered in memcached. Please review the CVE identifiers and Cisco TALOS reports referenced below for details.
A remote attacker could abuse memcached’s binary protocol leading to the remote execution of arbitrary code.
There is no known workaround at this time.
All memcached users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/memcached-1.4.33"
Release date
January 02, 2017
Latest revision
January 02, 2017: 1
Severity
normal
Exploitable
remote
Bugzilla entries