Multiple vulnerabilities have been found in memcached which could lead to the remote execution of arbitrary code.
|Package||net-misc/memcached on all architectures|
|Affected versions||< 1.4.33|
|Unaffected versions||>= 1.4.33|
memcached is a high-performance, distributed memory object caching system
Multiple integer overflow vulnerabilities were discovered in memcached. Please review the CVE identifiers and Cisco TALOS reports referenced below for details.
A remote attacker could abuse memcached’s binary protocol leading to the remote execution of arbitrary code.
There is no known workaround at this time.
All memcached users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/memcached-1.4.33"
January 02, 2017
January 02, 2017: 1