Dormando

**Name of the Vulnerable Software and Affected Versions** Memcached versions prior to 1.6.22 **Description** The issue is related to an off-by-one error when processing proxy requests in proxy mode, specifically if ` ` is used instead of `r `. This error can be exploited by a remote attacker to execute arbitrary code using a specially crafted HTTP request. **Recommendations** For versions prior to 1.6.22, update to version 1.6.22 or later to resolve the issue. As a temporary workaround, consider restricting the use of proxy mode or ensuring that only `r ` is used instead of ` ` for line endings in proxy requests.

**Name of the Vulnerable Software and Affected Versions** memcached versions prior to 1.6.22 **Description** The issue is related to a buffer overflow in the proxy run coroutine() function in memcached, which can be exploited by a remote attacker using a specially crafted HTTP request. This can lead to a denial of service. The buffer overflow occurs when processing multiget requests in proxy mode, specifically if there are many spaces after the "get" substring. **Recommendations** For versions prior to 1.6.22, update to version 1.6.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy mode in memcached to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.15.2 **Description** A race condition in the `ip4 datagram release cb` function allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. **Recommendations** For Linux kernel versions prior to 3.15.2, update to version 3.15.2 or later to resolve the issue. As a temporary workaround, consider restricting access to IPv4 UDP sockets to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Memcached version 1.2.8 Description: The issue allows remote attackers to obtain potentially sensitive information by sending a specific command to the daemon's TCP port. This is due to the process stat function disclosing memory-allocation statistics in response to a `stats malloc` command. Recommendations: For Memcached version 1.2.8, consider restricting access to the daemon's TCP port to minimize the risk of exploitation. As a temporary workaround, avoid using the `process stat` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.