TTCSIRT-221.080619: TT-CSIRT Advisory – PHP Security Updates

TTCSIRT-221.080619: TT-CSIRT Advisory – PHP Security Updates

PHP has released a security update stating that it has discovered the following issues in PHP7 –

a) Bug #78256 – Heap-buffer-overflow on exif_process_user_comment.

b) Bug #78222 – Heap-buffer-overflow on exif_scan_thumbnail.

c) Bug #78039 – FTP with SSL memory leak.

d) Bug #78279 – libxml_disable_entity_loader settings is shared between requests cgi-fcgi.

e) Bug #76058 – After “POST data can’t be buffered”, using php://input makes huge tmp files.

f) Bug #78231 – Segmentation fault upon stream_socket_accept of exported socket-to-stream.

g) Bug #78341 – Failure to detect smart branch in DFA pass.

h) Bug #78189 – File cache strips last character of uname hash.

i) Bug #78202 – Opcache stats for cache hits are capped at 32bit NUM.

j) Bug #78271 – Invalid result of if-else.

k) Bug #78291 – opcache_get_configuration doesn’t list all directives.

l) Bug #78338 – Array cross-border reading in PCRE.

m) Bug #78197 – PCRE2 version check in configure fails for “##.##-xxx” version strings.

n) Bug #78192 – SegFault when reuse statement after schema has changed.

o) Bug #77919 – Potential UAF in Phar RSHUTDOWN.

Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected application.

Further information on these vulnerabilities and how they can be mitigated can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2019-077/