Heap-out-of-bounds write in php7 (Alpine package)
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-9226 |
| CWE-ID | CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
php7 (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Heap-out-of-bounds write
EUVDB-ID: #VU7346
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9226
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The weakness exists in the mbstring due to heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. A remote attacker can supply a malformed regular expression containing an octal number in the form of '\700', trigger
out-of-bounds write memory corruption and execute arbitrary code with web server privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsphp7 (Alpine package): 7.0.7-r0 - 7.0.25-r0
CPE2.3- cpe:2.3:o:alpine:php7_alpine_package:7.0.25-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:php7_alpine_package:7.0.21-r0:*:*:*:*:alpine_linux:*:
- cpe:2.3:o:alpine:php7_alpine_package:7.0.7-r0:*:*:*:*:alpine_linux:*:
http://git.alpinelinux.org/aports/commit/?id=4a7ccf578f5caf82b4c9120ac266ff49f245549a
http://git.alpinelinux.org/aports/commit/?id=fa666308ab37b32d9aef124a737b59ebd06a1f7a
http://git.alpinelinux.org/aports/commit/?id=51a3714b5e5cf29bd19d94539add9f98b4a86572
http://git.alpinelinux.org/aports/commit/?id=c85efb30e1a0fd2e5950c1d99484261caa16779c
http://git.alpinelinux.org/aports/commit/?id=5e4dbc0d75238b02e3ad3bd55b5ac3a8b74bab3a
http://git.alpinelinux.org/aports/commit/?id=0bdb67976ff9b2169218a5be5167d7e45f8731ef
http://git.alpinelinux.org/aports/commit/?id=f2c409bcadb97db7ec586e33786caf7534dcb9fc
http://git.alpinelinux.org/aports/commit/?id=1a53597add5f7fe591eb04408ce4c216d5a053a4
http://git.alpinelinux.org/aports/commit/?id=c0c3f19f1930e23311fa082667b07223ee444314
http://git.alpinelinux.org/aports/commit/?id=edfeba70bca7213cd531fdf096a304c973fbf241
http://git.alpinelinux.org/aports/commit/?id=5bc4c8508af2005bd3b07fbc84e18ed4fb6f292c
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
