SB2017070731 - Null pointer dereference in php5 (Alpine package)
Published: July 7, 2017
Security Bulletin ID
SB2017070731
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Partial DoS
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Null pointer dereference (CVE-ID: CVE-2017-9229)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition.
The weakness exists in the mbstring due to an error in handling of reg->dmin in forward_search_range(). A remote attacker can trigger SIGSEGV in left_adjust_char_head() during regular expression compilation, cause NULL pointer dereference and the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=4a7ccf578f5caf82b4c9120ac266ff49f245549a
- https://git.alpinelinux.org/aports/commit/?id=fa666308ab37b32d9aef124a737b59ebd06a1f7a
- https://git.alpinelinux.org/aports/commit/?id=df5aeb27dfb1c9a6216feebc947c1a93e66eb856
- https://git.alpinelinux.org/aports/commit/?id=0bdb67976ff9b2169218a5be5167d7e45f8731ef
- https://git.alpinelinux.org/aports/commit/?id=f2c409bcadb97db7ec586e33786caf7534dcb9fc
- https://git.alpinelinux.org/aports/commit/?id=1a53597add5f7fe591eb04408ce4c216d5a053a4
- https://git.alpinelinux.org/aports/commit/?id=c0c3f19f1930e23311fa082667b07223ee444314
- https://git.alpinelinux.org/aports/commit/?id=edfeba70bca7213cd531fdf096a304c973fbf241
- https://git.alpinelinux.org/aports/commit/?id=5bc4c8508af2005bd3b07fbc84e18ed4fb6f292c