suse · CVE-2013-7290

Quick triage

Priority: low Published: 2021-05-30 13:16:56 UTC Updated: 2026-04-18 18:47:50 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2013-7290 severity low: SUSE including 11 source package names (memcached-1.4.33-1.1, memcached-1.4.33-3.1, …), 18 product×package rows across 14 product lines (SUSE Enterprise Storage 4, SUSE Linux Enterprise High Performance Computing 12 SP5, … (14 product lines)): Fixed 18.

Description:

The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179.

cvelogic Threat Intelligence