
Cloud Vulnerability DB
A community-led vulnerabilities database
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header handled by try_read_command_binary in memcached.c. The vulnerability was disclosed on March 24, 2020 and affects Memcached 1.6.0 and 1.6.1 (NVD, CVE).
The vulnerability stems from missing length validation in the binary protocol header parser. In memcached.c, the extras length field (extlen) taken from the request header is passed to memcpy without being checked, so a header carrying an inconsistent extlen leads to a buffer overflow (an out-of-bounds copy) that crashes the daemon. The vulnerability has a CVSS v3.1 Base Score of 7.5 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H: it is exploitable over the network with low attack complexity and requires neither privileges nor user interaction (NVD, GitHub Issue).
Successful exploitation crashes the memcached daemon, a denial of service. The impact is limited to availability, with no direct effect on confidentiality or integrity (NVD). Note that a crash also discards the in-memory cache, so whatever sits behind the cache absorbs the misses until it is repopulated.
The vulnerability was fixed in Memcached 1.6.2 by adding proper length validation for the extlen field; upgrade to 1.6.2 or later. Confirm the running version before and after the upgrade with memcached -V, or by sending the ASCII version command to the listener. As a temporary workaround, if the binary protocol is not in use it can be disabled by starting memcached with -B ascii, which restricts the listener to the ASCII protocol; clients that depend on the binary protocol will stop working until the upgrade is done (Release Notes, GitHub Commit).
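The following is an added illustration, not code from memcached or from this report. It is a minimal parser for the public 24-byte memcached binary protocol request header that copies the extras into a fixed buffer, written first in the unchecked shape the report describes (extlen trusted straight from the wire into memcpy) and then with the kind of length validation the fix adds. The extras buffer size (MAX_EXTRAS), the function and error names, and the constructed sample requests are assumptions made for this example and do not reflect memcached's internal data structures.

```c
/* Added example, not memcached's code. Header layout follows the public
 * binary protocol spec; buffer sizes and names are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BIN_REQ_MAGIC  0x80
#define BIN_HEADER_LEN 24
#define MAX_EXTRAS     32   /* assumed capacity of the extras buffer, not memcached's value */

enum parse_result {
    PARSE_OK          =  0,   /* non-negative return = number of extras bytes copied */
    PARSE_SHORT_INPUT = -1,   /* need more bytes before this request can be processed */
    PARSE_BAD_MAGIC   = -2,
    PARSE_BAD_LENGTH  = -3    /* length fields inconsistent: reject, close the connection */
};

struct bin_request_header {
    uint8_t  magic, opcode;
    uint16_t keylen;
    uint8_t  extlen, datatype;
    uint16_t vbucket;
    uint32_t bodylen, opaque;
    uint64_t cas;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(((uint16_t)p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]; }
static uint64_t rd64(const uint8_t *p) { return ((uint64_t)rd32(p) << 32) | rd32(p + 4); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) { p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v; }

/* Decode the fixed 24-byte header (fields are big-endian). Does not touch extras. */
static int decode_header(const uint8_t *buf, size_t len, struct bin_request_header *h)
{
    if (len < BIN_HEADER_LEN) return PARSE_SHORT_INPUT;
    if (buf[0] != BIN_REQ_MAGIC) return PARSE_BAD_MAGIC;
    h->magic = buf[0];          h->opcode  = buf[1];        h->keylen = rd16(buf + 2);
    h->extlen = buf[4];         h->datatype = buf[5];       h->vbucket = rd16(buf + 6);
    h->bodylen = rd32(buf + 8); h->opaque = rd32(buf + 12); h->cas = rd64(buf + 16);
    return PARSE_OK;
}

/* Vulnerable shape: extlen (0..255) comes straight from the header and drives memcpy.
 * Nothing checks it against the 32-byte destination or against the bytes actually
 * received, so a crafted header overruns both. Kept only for comparison; never call
 * this on untrusted input. */
int parse_extras_unchecked(const uint8_t *buf, size_t len, uint8_t extras[MAX_EXTRAS])
{
    struct bin_request_header h;
    int rc = decode_header(buf, len, &h);
    if (rc != PARSE_OK) return rc;
    memcpy(extras, buf + BIN_HEADER_LEN, h.extlen);   /* no bound on extlen */
    return (int)h.extlen;
}

/* Hardened shape: validate extlen against the destination, against bodylen and
 * against the bytes received before any copy happens. */
int parse_extras_checked(const uint8_t *buf, size_t len, uint8_t extras[MAX_EXTRAS])
{
    struct bin_request_header h;
    int rc = decode_header(buf, len, &h);
    if (rc != PARSE_OK) return rc;
    if (h.extlen > MAX_EXTRAS) return PARSE_BAD_LENGTH;                      /* fits destination */
    if ((uint32_t)h.extlen + h.keylen > h.bodylen) return PARSE_BAD_LENGTH;  /* extras+key inside body */
    if (len < BIN_HEADER_LEN + (size_t)h.bodylen) return PARSE_SHORT_INPUT;  /* body not yet read */
    memcpy(extras, buf + BIN_HEADER_LEN, h.extlen);
    return (int)h.extlen;
}

/* Constructed sample request: correct magic, the given length fields, and a body of
 * bodylen 0xAA bytes. Returns total length, or 0 if cap is too small. */
size_t build_request(uint8_t *out, size_t cap, uint8_t extlen, uint16_t keylen, uint32_t bodylen)
{
    if (cap < BIN_HEADER_LEN + (size_t)bodylen) return 0;
    memset(out, 0, BIN_HEADER_LEN);
    out[0] = BIN_REQ_MAGIC;
    out[1] = 0x01;              /* opcode SET; the check does not depend on the opcode */
    wr16(out + 2, keylen);
    out[4] = extlen;
    wr32(out + 8, bodylen);
    memset(out + BIN_HEADER_LEN, 0xAA, bodylen);
    return BIN_HEADER_LEN + bodylen;
}

/* Build a constructed request, optionally deliver only the first `received` bytes
 * (0 = deliver everything), and run the hardened parser on it. */
int check_case(uint8_t extlen, uint16_t keylen, uint32_t bodylen, size_t received)
{
    uint8_t pkt[1024], extras[MAX_EXTRAS];
    size_t n = build_request(pkt, sizeof pkt, extlen, keylen, bodylen);
    if (n == 0) return PARSE_BAD_LENGTH;
    if (received != 0 && received < n) n = received;
    return parse_extras_checked(pkt, n, extras);
}

int main(void)
{
    printf("SET extlen=8 key=3 body=11          -> %d\n", check_case(8, 3, 11, 0));
    printf("extlen=255 body=255 (too big)       -> %d\n", check_case(255, 0, 255, 0));
    printf("extlen=8 key=0 body=4 (exceeds body)-> %d\n", check_case(8, 0, 4, 0));
    printf("header only, body not yet received  -> %d\n", check_case(8, 3, 11, 24));
    return 0;
}
```

The hardened parser rejects the header before any copy if extlen exceeds the destination or if extras plus key would not fit in bodylen, and it returns PARSE_SHORT_INPUT when the body has not fully arrived so the caller waits for more data instead of copying past what was received. In the unchecked variant a single-byte extlen of up to 255 already overruns the 32-byte destination, and nothing stops the copy from reading beyond the bytes actually received, which is the shape of failure that brings a daemon down.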
Source: This report was generated using AI