ZeroPath at Black Hat USA 2026

Memcached CVE-2026-47783: Brief Summary of the SASL Timing Side Channel Vulnerability

A brief summary of CVE-2026-47783, a high severity timing side channel in memcached's SASL authentication that could allow remote username enumeration and password byte extraction in versions before 1.6.42.

CVE Analysis

6 min read

ZeroPath CVE Analysis
ZeroPath CVE Analysis

2026-05-19

Memcached CVE-2026-47783: Brief Summary of the SASL Timing Side Channel Vulnerability
Experimental AI-Generated Content

This CVE analysis is an experimental publication that is completely AI-generated. The content may contain errors or inaccuracies and is subject to change as more information becomes available. We are continuously refining our process.

If you have feedback, questions, or notice any errors, please reach out to us.

[email protected]

Introduction

A timing side channel in memcached's SASL authentication routine quietly allowed remote, unauthenticated attackers to distinguish valid usernames from invalid ones and potentially extract password bytes one at a time through precise network timing measurements. For organizations running memcached with SASL enabled over the binary protocol, this CVSS 8.1 vulnerability (CVE-2026-47783) in versions before 1.6.42 exposed credential material without requiring any prior access to the system.

Technical Information

The root cause of CVE-2026-47783 lies in the sasl_server_userdb_checkpass function, which handles SASL password database authentication in memcached. Two independent timing side channels existed in this code path, both classified under CWE-208 (Observable Timing Discrepancy).

Username Enumeration via Early Loop Exit

When processing an authentication request, the function iterated through the password file looking for a matching username. Upon finding a valid username, the loop immediately broke out and proceeded to password verification. For an invalid username, the loop continued scanning the entire file before returning a failure. This behavioral difference created a measurable timing discrepancy: requests with valid usernames returned faster (or slower, depending on the username's position in the file) than requests with invalid usernames. An attacker with the ability to send repeated authentication attempts and measure response times could statistically distinguish valid from invalid usernames.

Password Byte Leakage via Non Constant Time Comparison

Once a valid username was found, the password comparison used the standard C library memcmp function. This function is optimized for performance and returns as soon as it encounters the first differing byte. If the first byte of the attacker's guess matches the stored password, memcmp proceeds to the second byte before returning, taking slightly longer. By iterating through all possible values for each byte position and measuring which guess takes marginally longer, an attacker could reconstruct the password one byte at a time.

Attack Flow

An attacker targeting this vulnerability would follow this general approach:

  1. Identify a memcached instance with SASL authentication enabled over the binary protocol.
  2. Send repeated authentication requests with candidate usernames, measuring response times for each. Usernames that produce statistically different response times are likely valid.
  3. Once a valid username is confirmed, begin password extraction by sending authentication requests with systematically varied password guesses, measuring the timing of each response.
  4. For each byte position, the guess that produces a slightly longer response time indicates a correct byte match, as memcmp proceeded to compare the next byte before returning.
  5. Repeat across all byte positions to reconstruct the full password.

Exploitation Prerequisites

The CVSS vector string is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The attack complexity is rated High because successfully extracting credentials through timing analysis over a network requires many repeated measurements and statistical analysis to overcome network jitter and other noise. The attack is network exploitable (AV:N) and requires no privileges (PR:N) or user interaction (UI:N). If successful, the confidentiality, integrity, and availability impacts are all rated High.

Critically, exploitation is limited to memcached deployments that meet all of the following conditions:

  • Memcached was built with SASL support enabled.
  • SASL authentication is actively configured.
  • The binary protocol is in use.

Code Level Remediation

The fix, implemented in commit d13f282, addresses both timing channels through three specific changes:

  1. Removal of the early break: The loop now always scans the entire password file regardless of when (or whether) a matching username is found. This eliminates the timing difference between valid and invalid username lookups.
  2. Replacement of memcmp with safe_memcmp: The new function performs constant time comparisons, ensuring the comparison takes the same amount of time regardless of where the first differing byte occurs.
  3. Buffer zeroing before each read: The buffer is cleared to zero using memset before each fgets call, ensuring that comparisons past the stored password encounter known zero bytes rather than leftover data from previous iterations.

Affected Systems and Versions

All versions of memcached prior to 1.6.42 are affected, provided the following configuration conditions are met:

  • SASL support is compiled into the memcached binary.
  • SASL password database authentication is enabled.
  • The binary protocol is in use.

Memcached version 1.6.42 and later contain the fix for this vulnerability.

Vendor Security History

Memcached has a notable history of security incidents tied to deployment and configuration practices. In February 2018, misconfigured memcached servers were weaponized to launch record breaking distributed denial of service amplification attacks, with traffic volumes reaching 1.35 terabits per second. The root cause was a massive amplification factor in the UDP protocol, which led the project to disable UDP by default starting in version 1.5.6.

The 1.6.42 release is characterized by the maintainers as a major security focused release. It addresses not only this timing side channel but also numerous memory corruption and crash vulnerabilities. The maintainers noted a very high volume of security reports addressed in this single release, suggesting a period of concentrated security auditing and remediation.

References

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization