CVE Vulnerabilities

CVE-2018-14884

NULL Pointer Dereference

Published: Aug 03, 2018 | Modified: Nov 21, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Php Php 7.0.0 (including) 7.0.27 (excluding)
Php Php 7.1.0 (including) 7.1.13 (excluding)
Php Php 7.2.0 (including) 7.2.1 (excluding)
Red Hat Software Collections for Red Hat Enterprise Linux 7 RedHat rh-php71-php-0:7.1.30-1.el7 *
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS RedHat rh-php71-php-0:7.1.30-1.el7 *
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS RedHat rh-php71-php-0:7.1.30-1.el7 *
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS RedHat rh-php71-php-0:7.1.30-1.el7 *
Php7.0 Ubuntu upstream *
Php7.2 Ubuntu upstream *

Potential Mitigations

References