PT-2018-1113 · Php+5 · Php+5

Liu Yang

Published

2018-03-01

Updated

2020-04-08

CVE-2018-7584

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PHP versions 5.6.33 and earlier PHP versions 7.0.x through 7.0.27 PHP versions 7.1.x through 7.1.14 PHP versions 7.2.x through 7.2.2

Description The issue is caused by a stack-based buffer under-read in the php stream url wrap http ex function when parsing an HTTP response. This results in copying a large string. The vulnerability can be exploited by a remote attacker using a specially crafted HTTP response, potentially allowing them to execute arbitrary code or cause a denial of service.

Recommendations For PHP version 5.6.33 and earlier, update to a version later than 5.6.33. For PHP versions 7.0.x through 7.0.27, update to version 7.0.28 or later. For PHP versions 7.1.x through 7.1.14, update to a version later than 7.1.14. For PHP versions 7.2.x through 7.2.2, update to a version later than 7.2.2. As a temporary workaround, consider restricting access to the php stream url wrap http ex function until a patch is available.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2018-1702

ALT-PU-2018-1704

BDU:2018-00525

CESA-2020_1112

CVE-2018-7584

DLA-1326-1

DLA-1397-1

DSA-4240-1

MGASA-2018-0167

RHSA-2019:2519

RHSA-2020:1112

RHSA-2020_1112

SUSE-SU-2018:0646-1

SUSE-SU-2018:0717-1

SUSE-SU-2018:0806-1

SUSE-SU-2018_0646-1

SUSE-SU-2018_0717-1

USN-3600-1

USN-3600-2

Affected Products

Alt Linux

Centos

Php

Red Hat

Suse

Ubuntu

PT-2018-1113 · Php+5 · Php+5

CVE-2018-7584

Weakness Enumeration

Related Identifiers

Affected Products

References · 54