Heap-out-of-bounds write in php7 (Alpine package)



Published: 2017-07-07
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-9228
CWE-ID CWE-787
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
php7 (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Heap-out-of-bounds write

EUVDB-ID: #VU7348

Risk: High

CVSSv3.1:

CVE-ID: CVE-2017-9228

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code.

The weakness exists in the mbstring due to heap out-of-bounds write in bitset_set_range() during regular expression compilation due to incorrect state transition in parse_char_class(). A remote attacker can trigger out-of-bounds write memory corruption and execute arbitrary code with web server privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Install update from vendor's website.

Vulnerable software versions

php7 (Alpine package): 7.0.7-r0 - 7.0.21-r0


CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=4a7ccf578f5caf82b4c9120ac266ff49f245549a
http://git.alpinelinux.org/aports/commit/?id=fa666308ab37b32d9aef124a737b59ebd06a1f7a
http://git.alpinelinux.org/aports/commit/?id=df5aeb27dfb1c9a6216feebc947c1a93e66eb856
http://git.alpinelinux.org/aports/commit/?id=0bdb67976ff9b2169218a5be5167d7e45f8731ef
http://git.alpinelinux.org/aports/commit/?id=f2c409bcadb97db7ec586e33786caf7534dcb9fc
http://git.alpinelinux.org/aports/commit/?id=1a53597add5f7fe591eb04408ce4c216d5a053a4
http://git.alpinelinux.org/aports/commit/?id=c0c3f19f1930e23311fa082667b07223ee444314
http://git.alpinelinux.org/aports/commit/?id=edfeba70bca7213cd531fdf096a304c973fbf241
http://git.alpinelinux.org/aports/commit/?id=5bc4c8508af2005bd3b07fbc84e18ed4fb6f292c

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###