An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php | Php | 7.0.0 (including) | 7.0.27 (excluding) |
| Php | Php | 7.1.0 (including) | 7.1.13 (excluding) |
| Php | Php | 7.2.0 (including) | 7.2.1 (excluding) |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-php71-php-0:7.1.30-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | RedHat | rh-php71-php-0:7.1.30-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | RedHat | rh-php71-php-0:7.1.30-1.el7 | * |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | RedHat | rh-php71-php-0:7.1.30-1.el7 | * |
| Php7.0 | Ubuntu | upstream | * |
| Php7.2 | Ubuntu | upstream | * |
Potential Mitigations
References
- http://php.net/ChangeLog-7.php
- https://access.redhat.com/errata/RHSA-2019:2519
- https://bugs.php.net/bug.php?id=75535
- https://security.netapp.com/advisory/ntap-20181107-0003/
- http://php.net/ChangeLog-7.php
- https://access.redhat.com/errata/RHSA-2019:2519
- https://bugs.php.net/bug.php?id=75535
- https://security.netapp.com/advisory/ntap-20181107-0003/