CVE-2018-10545Sensitive Information Exposure in PHP

CWE-200Sensitive Information ExposureCWE-287Improper Authentication11 documents7 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 86.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
PHPPhp5Canonical Ubuntu Linux+1 more
Timeline
PublishedApr 29
Latest updateMay 14

Description

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

NVDphp/php7.0.07.0.29+3
Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.25

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 17.10, 18.04

Patches

Patch: php.netPatch: php.netPatch: bugs.php.net

🔴Vulnerability Details

3
GHSA
GHSA-67m2-ch47-h5pm: An issue was discovered in PHP before 52022-05-14
OSV
php5, php7.0, php7.1, php7.2 vulnerabilities2018-05-14
OSV
CVE-2018-10545: An issue was discovered in PHP before 52018-04-29

📋Vendor Advisories

3
Ubuntu
PHP vulnerabilities2018-05-16
Ubuntu
PHP vulnerabilities2018-05-14
Red Hat
php: Dumpable FPM child processes allow bypassing opcache access controls2017-11-30

🕵️Threat Intelligence

2
Trendmicro
Current and Future Attacks Threatening Esports2019-10-29
Trendmicro
Current and Future Attacks Threatening Esports2019-10-29

💬Community

2
Bugzilla
CVE-2018-10545 php: Dumpable FPM child processes allow bypassing opcache access controls2018-04-04
Bugzilla
CVE-2018-10545 php: Dumpable FPM child processes allow bypassing opcache access controls [fedora-all]2018-04-04