TTCSIRT-136.062618: TT-CSIRT Advisory – PHP Security Updates
PHP Security Consortium has released a security update stating that the following vulnerabilities have been discovered in PHP Ver 7.1.19 & 7.2.7:
a) Bug #76174 – openssl extension fails to build with LibreSSL 2.7.
b) Bug #76296 – openssl_pkey_get_public does not respect open_basedir.
c) Bug #76333 – PHP built-in server does not find files if root path contains special characters.
d) Bug #76335 – “link(): Bad file descriptor” with non-ASCII path.
e) Bug #76337 – segfault when opcache enabled + extension use zend_register_class_alias.
f) Bug #76367 – NoRewindIterator segfault 11.
g) Bug #76410 – SIGV in zend_mm_alloc_small.
h) Bug #76383 – array_map on $GLOBALS returns IS_INDIRECT.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected application.
Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights while failed exploitation could result in a denial-of-service condition.
Further information on these vulnerabilities and how they can be mitigated can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-071/ |