CVE-2022-48571

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-48571

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48571.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-48571

Aliases

BIT-memcached-2022-48571

Downstream

DEBIAN-CVE-2022-48571

DLA-3557-1

UBUNTU-CVE-2022-48571

USN-6382-1

Published

2023-08-22T19:16:32.233Z

Modified

2026-03-14T12:00:50.620065Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.

References

Affected packages

Git / github.com/memcached/memcached

Affected ranges

Type

GIT

Repo

https://github.com/memcached/memcached

Events

Introduced

Last affected

ad8dfd265523e027b042aec59055409a22668c64

Fixed

6b319c8c7a29e9c353dec83dc92f01905f6c8966

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.7"
        }
    ]
}

Affected versions

1.*

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.3.2

1.3.3

1.4-rc1

1.4.0

1.4.0-rc1

1.4.1

1.4.1-rc1

1.4.10

1.4.11

1.4.11-beta1

1.4.11-rc1

1.4.12

1.4.13

1.4.14

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.2-rc1

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.3-rc1

1.4.3-rc2

1.4.30

1.4.31

1.4.32

1.4.33

1.4.34

1.4.35

1.4.36

1.4.37

1.4.38

1.4.39

1.4.4

1.4.5

1.4.6

1.4.6-rc1

1.4.7

1.4.7-rc1

1.4.8

1.4.8-rc1

1.4.9

1.5.0

1.5.1

1.5.10

1.5.11

1.5.12

1.5.13

1.5.14

1.5.15

1.5.16

1.5.17

1.5.18

1.5.19

1.5.2

1.5.20

1.5.21

1.5.22

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48571.json"

vanir_signatures

[
    {
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "digest": {
            "function_hash": "277595834115750926081168654056959466818",
            "length": 743.0
        },
        "source": "https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966",
        "id": "CVE-2022-48571-5a84bf62",
        "target": {
            "file": "memcached.c",
            "function": "out_string"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "16474155107867817979884601193417341473",
                "304845883741849737249974174878835322495",
                "163116486141553285337800761877515560800",
                "187307495520313252599712949149420848756",
                "157583762118996341008322745022473086232",
                "181568582211640541597876352317543209388",
                "329468026962106054737850338879188633569",
                "311883249388370600519773269147305399811",
                "104214854192785564424340080277292863319",
                "254404948309440207701611086037120258225"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966",
        "id": "CVE-2022-48571-c2a6934f",
        "target": {
            "file": "memcached.c"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "digest": {
            "function_hash": "305214104561482860577327136158784902875",
            "length": 896.0
        },
        "source": "https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966",
        "id": "CVE-2022-48571-c52df0a3",
        "target": {
            "file": "memcached.c",
            "function": "try_read_udp"
        }
    }
]