Out-of-bounds read in php (Alpine package)



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-9227
CWE-ID CWE-125
Exploitation vector Network
Public exploit N/A
Vulnerable software
php (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds read

EUVDB-ID: #VU7347

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-9227

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists in the mbstring due to an error in handling of reg->dmin in forward_search_range(). A remote attacker can trigger stack out-of-bounds read in mbc_enc_len() during regular expression searching and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Install update from vendor's website.

Vulnerable software versions

php (Alpine package): 5.6.30-r0

CPE2.3 External links

https://git.alpinelinux.org/aports/commit/?id=4a7ccf578f5caf82b4c9120ac266ff49f245549a
https://git.alpinelinux.org/aports/commit/?id=fa666308ab37b32d9aef124a737b59ebd06a1f7a
https://git.alpinelinux.org/aports/commit/?id=df5aeb27dfb1c9a6216feebc947c1a93e66eb856
https://git.alpinelinux.org/aports/commit/?id=2163755a312b6f196914d74c863dcc8edfb81e0b
https://git.alpinelinux.org/aports/commit/?id=0bdb67976ff9b2169218a5be5167d7e45f8731ef
https://git.alpinelinux.org/aports/commit/?id=f2c409bcadb97db7ec586e33786caf7534dcb9fc
https://git.alpinelinux.org/aports/commit/?id=1a53597add5f7fe591eb04408ce4c216d5a053a4
https://git.alpinelinux.org/aports/commit/?id=c0c3f19f1930e23311fa082667b07223ee444314
https://git.alpinelinux.org/aports/commit/?id=edfeba70bca7213cd531fdf096a304c973fbf241
https://git.alpinelinux.org/aports/commit/?id=5bc4c8508af2005bd3b07fbc84e18ed4fb6f292c


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###