Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 23.10 USN-6476-1 Critical: Memcached Remote Code Execution

ubuntu
Calendar Grey November 13, 2023
Dist Ubuntu Esm H88
Multiple weaknesses in memcached resolved for various Ubuntu versions. It is crucial to update systems to mitigate potential security threats.
Several security issues were fixed in memcached.

Summary

Several security issues were fixed in memcached.

Software Description:

- memcached: High-performance in-memory object caching system

Details:

It was discovered that Memcached incorrectly handled certain multiget

requests in proxy mode. A remote attacker could use this issue to cause

Memcached to crash, resulting in a denial of service, or possibly execute

arbitrary code. (CVE-2023-46852)

It was discovered that Memcached incorrectly handled certain proxy requests

in proxy mode. A remote attacker could use this issue to cause Memcached to

crash, resulting in a denial of service, or possibly execute arbitrary

code. (CVE-2023-46853)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
   memcached                       1.6.21-1ubuntu0.23.10.1

Ubuntu 23.04:
   memcached                       1.6.18-1ubuntu0.1

Ubuntu 22.04 LTS:
   memcached                       1.6.14-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6476-1

CVE-2023-46852, CVE-2023-46853

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6476-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here