SB2024121167 - Red Hat Enterprise Linux 8 update for the php:8.2 module

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024121167

SB2024121167 - Red Hat Enterprise Linux 8 update for the php:8.2 module

Published: December 11, 2024

Security Bulletin ID SB2024121167
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 14% Medium 43% Low 43%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Security features bypass (CVE-ID: CVE-2022-31629)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.


2) Security features bypass (CVE-ID: CVE-2024-2756)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Note, the vulnerability exists due to incomplete fix for #VU67756 (CVE-2022-31629).


3) Improper Authentication (CVE-ID: CVE-2024-3096)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in within the password_verify() function, which can erroneously return true. A remote attacker can bypass implemented authentication based on the vulnerable function and gain unauthorized access to the web application.


4) Input validation error (CVE-ID: CVE-2024-5458)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input when parsing URL. A remote attacker can bypass the filter_var FILTER_VALIDATE_URL checks.


5) Input validation error (CVE-ID: CVE-2024-8925)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input when parsing multipart form data. A remote attacker can pass specially crafted input to the application and bypass implemented security restrictions.


6) Security features bypass (CVE-ID: CVE-2024-8927)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to environment variable collision, which can lead to cgi.force_redirect bypass. A remote attacker can bypass implemented security restriction and gain unauthorized access to the application.



7) Insufficient Logging (CVE-ID: CVE-2024-9026)

The vulnerability allows an attacker to alter log files.

The vulnerability exists due to an unspecified error, which can lead to logs from child processes to be altered.


Remediation

Install update from vendor's website.

References