CVE-2019-11046 — Out-of-bounds Read in Group PHP

CWE-125 — Out-of-bounds Read9 documents7 sources

Severity

5.3MEDIUMNVD

CNA3.7OSV5.9

EPSS

8.2%

top 7.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PHP Group PHP Tenable Securitycenter Php5 +5 more

Timeline

PublishedDec 23

Latest updateMay 24

Description

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages5 packages

▶CVEListV5php_group/php7.2.x — 7.2.26+2

▶NVDtenable/securitycenter< 5.19.0

▶Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.29+esm8

▶NVDphp/php7.2.0 — 7.2.26+2

▶NVDopensuse/leap15.1

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 30, 31, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 19.04, 19.10

Patches

Patch: bugs.php.net ↗Patch: bugs.php.net ↗

🔴Vulnerability Details

GHSA

GHSA-6c5q-qpjx-9564: In PHP versions 7↗2022-05-24

▶

OSV

php5, php7.0, php7.2, php7.3 vulnerabilities↗2020-01-15

▶

CVEList

Buffer underflow in bc_shift_addsub↗2019-12-23

▶

OSV

CVE-2019-11046: In PHP versions 7↗2019-12-23

▶

📋Vendor Advisories

Ubuntu

PHP vulnerabilities↗2020-01-15

▶

Red Hat

php: OOB read in bc_shift_addsub↗2019-12-16

▶

💬Community

Bugzilla

CVE-2019-11046 php: OOB read in bc_shift_addsub [fedora-all]↗2019-12-26

▶

Bugzilla

CVE-2019-11046 php: OOB read in bc_shift_addsub↗2019-12-26

▶