Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Debian: DSA-5179-1 Critical: PHP 7.4 DoS And Code Execution Risks

debian
Calendar Grey July 8, 2022
Debian Logo
Urgent security patch for PHP 7.4 in Debian resolves flaws that can result in DoS and arbitrary code execution. Take immediate action!
Charles Fol discovered two security issues in PHP, a widely-used open source general purpose scripting language which could result an denial of service or potentially the execution...
Topics%20covered

Topics Covered

security advisory denial of service software update code execution php debian critical severity

Summary

Charles Fol discovered two security issues in PHP, a widely-used open
source general purpose scripting language which could result an denial of
service or potentially the execution of arbitrary code:

CVE-2022-31625

Incorrect memory handling in the pg_query_params() function.

CVE-2022-31626

A buffer overflow in the mysqld extension.

For the stable distribution (bullseye), these problems have been fixed in
version 7.4.30-1+deb11u1.

We recommend that you upgrade your php7.4 packages.

For the detailed security status of php7.4 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/php7.4

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: php7.4
CVE ID: CVE-2022-31625 CVE-2022-31626

Topics%20covered

Topics Covered

security advisory denial of service software update code execution php debian critical severity

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here