Amazon Linux AMI update for php55-pecl-memcached

Published: 2023-01-24

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2022-26635
CWE-ID	CWE-113
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	Amazon Linux AMI Operating systems & Components / Operating system php55-pecl-memcached Operating systems & Components / Operating system package or component
Vendor	Amazon Web Services

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) HTTP response splitting

EUVDB-ID: #VU71490

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-26635

CWE-ID:

Exploit availability:

Description

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists due improper NULL termination when processing CRLF character sequences. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.

Mitigation

Update the affected packages:

i686:
    php55-pecl-memcached-debuginfo-2.2.0-5.17.amzn1.i686
    php55-pecl-memcached-2.2.0-5.17.amzn1.i686

src:
    php55-pecl-memcached-2.2.0-5.17.amzn1.src

x86_64:
    php55-pecl-memcached-debuginfo-2.2.0-5.17.amzn1.x86_64
    php55-pecl-memcached-2.2.0-5.17.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

php55-pecl-memcached: before 2.2.0-5.17

Fixed software versions

CPE2.3

cpe:2.3:o:amazon_web_services:amazon_linux_ami:*:*:*:*:*:*:*:*

External links

http://alas.aws.amazon.com/ALAS-2023-1671.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?