In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the Postgres database extension, supplying invalid parameters to a parameterized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to remote code execution (RCE) or denial of service.

The product calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc().

Name | Vendor | Start Version | End Version |
---|---|---|---|
Php | Php | 7.4.0 (including) | 7.4.30 (excluding) |
Php | Php | 8.0.0 (including) | 8.0.20 (excluding) |
Php | Php | 8.1.0 (including) | 8.1.7 (excluding) |
Red Hat Enterprise Linux 8 | RedHat | php:7.4-8060020220811045407.5caa48ff | * |
Red Hat Enterprise Linux 8 | RedHat | php:8.0-8070020220801083134.afd00e68 | * |
Red Hat Enterprise Linux 9 | RedHat | php-0:8.0.20-3.el9 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | rh-php73-php-0:7.3.33-1.el7 | * |
Php5 | Ubuntu | esm-infra-legacy/trusty | * |
Php5 | Ubuntu | trusty | * |
Php5 | Ubuntu | trusty/esm | * |
Php7.0 | Ubuntu | esm-infra/xenial | * |
Php7.0 | Ubuntu | xenial | * |
Php7.2 | Ubuntu | bionic | * |
Php7.4 | Ubuntu | focal | * |
Php7.4 | Ubuntu | upstream | * |
Php8.0 | Ubuntu | impish | * |
Php8.0 | Ubuntu | upstream | * |
Php8.1 | Ubuntu | jammy | * |
Php8.1 | Ubuntu | kinetic | * |
Php8.1 | Ubuntu | lunar | * |
Php8.1 | Ubuntu | upstream | * |