Arbitrary code execution in php (Alpine package)



Published: 2016-10-18
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-7412
CWE-ID CWE-284
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
php (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Arbitrary code execution

EUVDB-ID: #VU524

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7412

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by heap overflow during handling of BIT fields in mysqlnd that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

php (Alpine package): 5.6.25-r0

External links

http://git.alpinelinux.org/aports/commit/?id=c498273a9b9628de4f8a7115271dddfd87ea7807
http://git.alpinelinux.org/aports/commit/?id=c72d2f6e4c8e60010afb92635a3fe5c20e932f4d
http://git.alpinelinux.org/aports/commit/?id=2ba3a04506152c4867294cfe5a2d647e254f533e


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###