This vulnerability is marked as RESERVED by NVD. This means that the CVE-ID is reserved for future use by the CVE Numbering Authority (CNA) or a security researcher, but the details of it are not yet publicly available yet.
This page will reflect the classification results once they are available through NVD.
Any vendor information available is shown as below.
Exception handler frees variables via cleanup_live_vars for termination. However, the subsequent php_request_shutdown performs reference counting on these variables using zend_gc_refcount(read) and zend_gc_delref(write), resulting in use-after-free. Since zend_mm_free_small stores metadata in freed memory chunks, this use-after-free vulnerability may allows manipulation of the Zend allocator through reference count behaviors.
| Name | Vendor | Version |
|---|---|---|
| Php5 | Ubuntu/upstream | TBD |
| Php5 | Ubuntu/esm-infra-legacy/trusty | TBD |
| Php7.0 | Ubuntu/upstream | TBD |
| Php7.0 | Ubuntu/esm-infra/xenial | TBD |
| Php7.2 | Ubuntu/upstream | TBD |
| Php7.2 | Ubuntu/esm-infra/bionic | TBD |
| Php7.4 | Ubuntu/focal | TBD |
| Php7.4 | Ubuntu/upstream | TBD |
| Php8.1 | Ubuntu/jammy | TBD |
| Php8.1 | Ubuntu/upstream | TBD |
| Php8.3 | Ubuntu/upstream | TBD |
| Php8.3 | Ubuntu/noble | TBD |
| Php8.3 | Ubuntu/oracular | TBD |
| Php8.4 | Ubuntu/devel | TBD |
| Php8.4 | Ubuntu/upstream | TBD |