CVE-2022-31625Free of Memory not on the Heap in Group PHP

CWE-590Free of Memory not on the HeapCWE-824Access of Uninitialized PointerCWE-763Release of Invalid Pointer or Reference13 documents8 sources
Severity
8.1HIGHNVD
EPSS
0.8%
top 26.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
PHP Group PHPPHPDebian Linux
Timeline
PublishedJun 16
Latest updateJul 7

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

NVDphp/php7.4.07.4.30+2
CVEListV5php_group/php7.4.X7.4.30+2

Also affects: Debian Linux 10.0, 11.0

Patches

Patch: bugs.php.netPatch: bugs.php.net

🔴Vulnerability Details

6
OSV
php7.2 regression2022-07-07
OSV
php7.0 vulnerabilities2022-07-04
GHSA
GHSA-wg63-8xjw-5wvx: In PHP versions 72022-06-17
CVEList
Freeing unallocated memory in php_pgsql_free_params()2022-06-16
OSV
CVE-2022-31625: In PHP versions 72022-06-16

📋Vendor Advisories

6
Ubuntu
PHP regression2022-07-07
Ubuntu
PHP vulnerabilities2022-07-04
Ubuntu
PHP vulnerabilities2022-06-15
Microsoft
Freeing unallocated memory in php_pgsql_free_params()2022-06-14
Red Hat
php: Uninitialized array in pg_query_params() leading to RCE2022-05-16
CVE-2022-31625 — Free of Memory not on the Heap | cvebase