SB2019020807 - Multiple vulnerabilities in PHP
Published: February 8, 2019
Security Bulletin ID
SB2019020807
Severity
Low
Patch available
YES
Number of vulnerabilities
14
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw when two RecursiveFilterIterator are added to RecursiveDirectoryIterator. A remote attacker can trigger segmentation fault and cause the service to crash.
2) Memory corruption (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to boundary error in the function zend_cpu_supports_avx2(). A remote attacker can trigger memory corruption that may cause segfault and lead to denial of service.
3) Denial of service (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to an error when calling realpath in an invalid working directory. A remote attacker can cause zend engine to crash.
4) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw when using `CURLOPT_WRITEFUNCTION` and `CURLOPT_HEADERFUNCTION` in `CURLMOPT_PUSHFUNCTION`. A remote attacker can trigger segmentation fault and cause the service to crash.
5) Denial of service (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to unspecified flaw. A remote attacker can cause php-fpm crash with Main process exited, code=dumped, status=11/SEGV.
6) Memory leak (CVE-ID: N/A)
The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.The weakness exists due to unbuffered queries memory leak. A remote attacker can gain access to arbitrary data or cause the service to crash.
7) Assertion failure (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to assertion failed in dce_live_ranges. A remote attacker can trigger assertion failure and cause the service to crash.
8) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw when using the "Advanced Editor" plugin in the BBS software Vanilla with an empty cache (the app's internal caching engine that is) the button row is missing. A remote attacker can trigger segmentation fault in zend_gc_addref and cause the service to crash.
9) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw when using the "Advanced Editor" plugin in the BBS software Vanilla with an empty cache (the app's internal caching engine that is) the button row is missing. A remote attacker can trigger segmentation fault with persistent connection and cause the service to crash.
10) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to segmentation fault when executing method with an empty parameter. A remote attacker can cause the service to crash.
11) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to segmentation fault when add property to unserialized ArrayObject. A remote attacker can cause the service to crash.
12) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to segmentation fault about array_multisort ?. A remote attacker can cause the service to crash.
13) Segmentation fault (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to parse_str segfaults when inserting item into existing array. A remote attacker can cause the service to crash.
14) Denial of service (CVE-ID: N/A)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to a flaw when an expression such as `(2)::class` (with brackets) is parsed in source code. A remote attacker can trigger segmentation fault and cause the service to crash.
Remediation
Install update from vendor's website.
References
- https://bugs.php.net/bug.php?id=77263
- https://bugs.php.net/bug.php?id=77447
- https://bugs.php.net/bug.php?id=77484
- https://bugs.php.net/bug.php?id=76675
- https://bugs.php.net/bug.php?id=77430
- https://bugs.php.net/bug.php?id=77308
- https://bugs.php.net/bug.php?id=77266
- https://bugs.php.net/bug.php?id=77434
- https://bugs.php.net/bug.php?id=77289
- https://bugs.php.net/bug.php?id=77410
- https://bugs.php.net/bug.php?id=77298
- https://bugs.php.net/bug.php?id=77395
- https://bugs.php.net/bug.php?id=77439
- https://bugs.php.net/bug.php?id=77530