Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 711208 (CVE-2019-15026) - <net-misc/memcached-1.5.17: stack-based buffer over-read in conn_to_str in memcached.c (CVE-2019-15026)
Summary: <net-misc/memcached-1.5.17: stack-based buffer over-read in conn_to_str in me...
Status: RESOLVED FIXED
Alias: CVE-2019-15026
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/memcached/memcache...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-01 19:25 UTC by Sam James (sec padawan)
Modified: 2020-05-02 21:43 UTC (History)
2 users (show)

See Also:
Package list:
net-misc/memcached-1.5.22
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James (sec padawan) 2020-03-01 19:25:06 UTC
Description:
"Stack based out-of-bounds memory read"

Quote from URL:
"... though given the nature of the bug, while it will trip ASAN, there's no way to exploit it and it only occurs over unix domain sockets. No data is copied past the end of any buffers. Still, we take this seriously and have repaired the offending code, just in case."

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-15026

Affects:
- <1.5.17
Comment 1 Agostino Sarubbo gentoo-dev 2020-03-05 08:21:31 UTC
s390 stable
Comment 2 Agostino Sarubbo gentoo-dev 2020-03-05 08:32:04 UTC
sparc stable
Comment 3 Agostino Sarubbo gentoo-dev 2020-03-05 09:23:44 UTC
arm stable
Comment 4 Agostino Sarubbo gentoo-dev 2020-03-05 09:24:33 UTC
ppc stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-03-05 09:26:52 UTC
ppc64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-03-05 09:27:27 UTC
ia64 stable
Comment 7 Mart Raudsepp gentoo-dev 2020-03-12 23:07:12 UTC
arm64 stable
Comment 8 Sam James (sec padawan) 2020-03-13 22:13:32 UTC
OK to cleanup?
Comment 9 Thomas Deutschmann gentoo-dev Security 2020-03-15 02:53:01 UTC
GLSA Vote: No!

@ maintainer(s): Please cleanup and drop =net-misc/memcached-1.5.14!
Comment 10 Larry the Git Cow gentoo-dev 2020-03-25 21:22:43 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d5f0f9d418d0a9477f08abc736ad6c1b98867ea1

commit d5f0f9d418d0a9477f08abc736ad6c1b98867ea1
Author:     Sam James (sam_c) <sam@cmpct.info>
AuthorDate: 2020-03-25 16:27:25 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-25 21:22:36 +0000

    net-misc/memcached: security cleanup (bug #711208)
    
    Bug: https://bugs.gentoo.org/711208
    Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
    Closes: https://github.com/gentoo/gentoo/pull/15111
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-misc/memcached/Manifest                |  1 -
 net-misc/memcached/memcached-1.5.14.ebuild | 97 ------------------------------
 2 files changed, 98 deletions(-)
Comment 11 Thomas Deutschmann gentoo-dev Security 2020-03-25 21:23:21 UTC
Repository is clean, all done!
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2020-05-02 21:43:21 UTC
CVE-2019-15026 (https://nvd.nist.gov/vuln/detail/CVE-2019-15026):
  memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer
  over-read in conn_to_str in memcached.c.