Arch Linux Security Advisory ASA-201501-17
=========================================
Severity: Critical
Date    : 2015-01-23
CVE-ID  : CVE-2014-9427 CVE-2015-0231 CVE-2015-0232
Package : php
Type    : remote code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
======
The package php before version 5.6.5-1 is vulnerable to arbitrary remote
code execution.

Resolution
=========
Upgrade to 5.6.5-1.

# pacman -Syu "php>=5.6.5-1"

The problem has been fixed upstream in version 5.6.5.

Workaround
=========
None.

Description
==========
- CVE-2014-9427 (information leak, remote code execution)

A one-byte file containing only the '#' character, not followed by any
newline, causes php-cgi to do an out of bound read, potentially
disclosing sensitive information present in memory or even triggering
code execution if adjacent memory location contains valid PHP code.

- CVE-2015-0231 (remote code execution)

A use-after-free vulnerability in unserialize() allows a remote attacker
to execute arbitrary code. This vulnerability results from an incomplete
fix for CVE-2014-8142.

- CVE-2015-0232 (remote code execution)

An attempt to free an uninitialized pointer may result in arbitrary code
execution while parsing exif information from a carefully crafted file.

Impact
=====
A remote attacker may be able to execute arbitrary code on the affected
host.

References
=========
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9427
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0231
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0232
https://bugs.php.net/bug.php?id=68618
https://bugs.php.net/bug.php?id=68710
https://bugs.php.net/bug.php?id=68799

ArchLinux: 201501-17: php: remote code execution

January 23, 2015

Summary

- CVE-2014-9427 (information leak, remote code execution) A one-byte file containing only the '#' character, not followed by any newline, causes php-cgi to do an out of bound read, potentially disclosing sensitive information present in memory or even triggering code execution if adjacent memory location contains valid PHP code.
- CVE-2015-0231 (remote code execution)
A use-after-free vulnerability in unserialize() allows a remote attacker to execute arbitrary code. This vulnerability results from an incomplete fix for CVE-2014-8142.
- CVE-2015-0232 (remote code execution)
An attempt to free an uninitialized pointer may result in arbitrary code execution while parsing exif information from a carefully crafted file.

Resolution

Upgrade to 5.6.5-1. # pacman -Syu "php>=5.6.5-1"
The problem has been fixed upstream in version 5.6.5.

References

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9427 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0231 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0232 https://bugs.php.net/bug.php?id=68618 https://bugs.php.net/bug.php?id=68710 https://bugs.php.net/bug.php?id=68799

Severity
Package : php
Type : remote code execution
Remote : Yes
Link : https://wiki.archlinux.org/title/CVE

Workaround

None.

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved