Kwrnel

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.4.43 PHP versions 5.5.x prior to 5.5.27 PHP versions 5.6.x prior to 5.6.11 **Description** The issue exists due to a lack of validation of a file pointer before it is closed in the `phar convert to other` function. This can be exploited by a remote attacker using a specially crafted TAR archive, potentially leading to a denial of service or other unspecified impacts. **Recommendations** For PHP versions prior to 5.4.43, update to version 5.4.43 or later. For PHP versions 5.5.x prior to 5.5.27, update to version 5.5.27 or later. For PHP versions 5.6.x prior to 5.6.11, update to version 5.6.11 or later.