CVE-2022-31630 — Incorrect Calculation of Buffer Size in Group PHP

CWE-131 — Incorrect Calculation of Buffer Size CWE-190 — Integer Overflow or Wraparound CWE-125 — Out-of-bounds Read CWE-20 — Improper Input Validation9 documents8 sources

Severity

7.1HIGHNVD

CNA6.5

EPSS

0.1%

top 81.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PHP Group PHP PHP

Timeline

PublishedNov 14

Latest updateApr 15

Description

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

▶NVDphp/php7.4.0 — 7.4.33+2

▶CVEListV5php_group/php7.4.x — 7.4.33+2

Patches

Patch: bugs.php.net ↗Patch: bugs.php.net ↗

🔴Vulnerability Details

GHSA

GHSA-jw98-jrc9-mrx5: In PHP versions prior to 7↗2022-11-14

▶

OSV

CVE-2022-31630: In PHP versions prior to 7↗2022-11-14

▶

CVEList

OOB read due to insufficient input validation in imageloadfont()↗2022-11-14

▶

OSV

php7.2, php7.4, php8.1 vulnerabilities↗2022-11-08

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Platform (PHP) — CVE-2022-31630↗2023-04-15

▶

Ubuntu

PHP vulnerabilities↗2022-11-08

▶

Red Hat

php: OOB read due to insufficient input validation in imageloadfont()↗2022-10-27

▶

Debian

CVE-2022-31630: php7.4 - In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() f...↗2022

▶