Description

In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.

Related CPE's

a

php

php

3

o

fedoraproject

fedora

38

Vulnerable

o

debian

debian_linux

10.0

Vulnerable

References

https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv

ExploitThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/

Mailing List

https://security.netapp.com/advisory/ntap-20230825-0001/

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-119

[email protected]

Secondary
CWE-119

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-08-11T06:15:10.560

11 months ago

Last modified

2023-10-27T18:58:24.280

9 months ago