Description
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain the hash data structure that unserialize() relies on during session deserialization (the "Unexpected Session Deserialization" case named in the Red Hat advisory below). A remote attacker can trigger a use-after-free through session deserialization, causing a denial of service or possibly having other, unspecified impact. The fix shipped in PHP 5.5.38, 5.6.24 and 7.0.9; distribution packages may carry the fix as a backport without changing the upstream version number.
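The affected version ranges above are what an administrator actually has to compare an installed interpreter against. The following POSIX shell script is an added example written for this page; it is not part of the advisory, of PHP, or of any distribution tooling. The function and variable names are mine, and the classification logic is a literal reading of the ranges in the description (before 5.5.38; 5.6.x before 5.6.24; 7.x before 7.0.9).

```shell
#!/bin/sh
# Added example (not from the advisory or from PHP): classify a PHP version
# string against the affected ranges in the description above.
# Exit status: 0 = affected, 1 = not affected, 2 = unrecognised version string.
# Caveat: Ubuntu and Red Hat (see the vendor advisories) backport fixes without
# bumping the upstream version, so a packaged 5.6.23 may already be patched;
# confirm against the package changelog before acting on this result.

php_affected_by_cve_2016_6290() {
    # Keep only the leading dotted-numeric part:
    # "7.0.8-0ubuntu0.16.04.2" -> "7.0.8", "5.6.24RC1" -> "5.6.24".
    v=$(printf '%s' "$1" | sed 's/[^0-9.].*//')
    case "$v" in
        *.*.*) ;;
        *) printf 'unrecognised PHP version: %s\n' "$1" >&2; return 2 ;;
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%.*}   # drop any fourth component

    case "$major" in
        5)
            # "before 5.5.38" covers every 5.x branch older than 5.5 as well.
            if [ "$minor" -lt 5 ]; then return 0; fi
            if [ "$minor" -eq 5 ] && [ "$patch" -lt 38 ]; then return 0; fi
            if [ "$minor" -eq 6 ] && [ "$patch" -lt 24 ]; then return 0; fi
            return 1 ;;
        7)
            # Only the 7.0 branch is named; 7.1 and later shipped after the fix.
            if [ "$minor" -eq 0 ] && [ "$patch" -lt 9 ]; then return 0; fi
            return 1 ;;
        *)
            # Read literally, "before 5.5.38" also includes 4.x and earlier.
            if [ "$major" -lt 5 ]; then return 0; fi
            return 1 ;;
    esac
}

# Human-readable wrapper; written to be safe under `set -e`.
report_cve_2016_6290() {
    rc=0
    php_affected_by_cve_2016_6290 "$1" || rc=$?
    case "$rc" in
        0) printf '%s: affected by CVE-2016-6290 (upstream version check)\n' "$1" ;;
        1) printf '%s: not affected by CVE-2016-6290 (upstream version check)\n' "$1" ;;
        *) printf '%s: could not parse version string\n' "$1" ;;
    esac
}

# Check the interpreter on PATH, if there is one.
if command -v php >/dev/null 2>&1; then
    report_cve_2016_6290 "$(php -r 'echo PHP_VERSION;')"
fi
```

Run it on a host to check the interpreter on PATH, or call `report_cve_2016_6290 "$(php-fpm -v | head -1 | awk '{print $2}')"` for a separate FPM build. A result of "affected" from the upstream version alone is a prompt to read the package changelog, not a final verdict, because of the backport caveat in the comments.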
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base score: 9.8 (Critical) | Exploitability: 3.9 | Impact: 5.9
Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Packages: 3 packages
Vulnerability Details (3)
- GHSA-v42h-9gp8-3hfq: ext/session/session (GitHub Advisory Database, 2022-05-14)
- php5, php7.0 vulnerabilities (OSV, 2016-08-02)
- CVE-2016-6290: ext/session/session (OSV, 2016-07-25)

Vendor Advisories (3)
- CVE-2016-6290: macOS Sierra 10.12 (Apple, 2016-09-20)
- PHP vulnerabilities (Ubuntu, 2016-08-02)
- php: Use after free in unserialize() with Unexpected Session Deserialization (Red Hat, 2016-07-08)

Community (2)
- CVE-2016-6290 php: Use after free in unserialize() with Unexpected Session Deserialization (Bugzilla, 2016-07-25)
- CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 php: various flaws [fedora-all] (Bugzilla, 2016-07-25)