CVE-2023-0568

Severity: 8.1 HIGH
EPSS: 0.2% (top 59.40%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published 2023-02-16; latest update 2023-10-15

Description

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving a path whose length is close to the system MAXPATHLEN setting, the byte immediately after the allocated buffer can be overwritten with a NUL value, which might lead to unauthorized data access or modification. Red Hat and CVEList title the issue "1-byte array overrun in common path resolve code"; the fixed releases are 8.0.28, 8.1.16 and 8.2.3.
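The following C program is an added illustration of the bug class the description names: a fixed-size path buffer whose length check admits a path of exactly the buffer size, so the terminating NUL lands one byte past the end. It is not PHP's code and does not reproduce php-src's path resolution; DEMO_MAXPATHLEN, vuln_resolve, fixed_resolve and the canary harness are stand-ins constructed for this example. The vulnerable and hardened forms sit side by side so the single-character difference in the bound check is visible.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative stand-in for the system MAXPATHLEN (4096 on Linux, 1024 on the BSDs);
 * kept tiny so the boundary is easy to see. Not PHP's value. */
#define DEMO_MAXPATHLEN 16

/* Value planted in the byte just past the logical buffer so a spill can be detected. */
#define CANARY 0xAA

/* Vulnerable pattern: the caller "allocates" buf_size bytes, and the length check only
 * rejects paths LONGER than buf_size. A path of exactly buf_size bytes passes, and the
 * terminating NUL is written to buf[buf_size], one past the end. */
static int vuln_resolve(char *buf, size_t buf_size, const char *path)
{
    size_t len = strlen(path);
    if (len > buf_size)          /* BUG: must be len >= buf_size */
        return -1;
    memcpy(buf, path, len);
    buf[len] = '\0';             /* when len == buf_size this hits buf[buf_size] */
    return 0;
}

/* Hardened form: the check reserves room for the terminator. Allocating buf_size + 1
 * bytes for the buffer is the equivalent fix from the other side. */
static int fixed_resolve(char *buf, size_t buf_size, const char *path)
{
    size_t len = strlen(path);
    if (len >= buf_size)         /* len + 1 bytes are needed, including the NUL */
        return -1;
    memcpy(buf, path, len);
    buf[len] = '\0';
    return 0;
}

typedef int (*resolve_fn)(char *, size_t, const char *);

/* Harness (constructed for this example): builds a path of path_len 'a' characters and
 * hands the resolver a logical buffer of DEMO_MAXPATHLEN bytes that is really backed by
 * one extra byte holding the canary, so the out-of-bounds write stays inside a real
 * allocation and can be observed instead of corrupting the stack.
 * Returns 1 if the byte after the buffer changed, 0 if it survived, -1 if the resolver
 * rejected the path, -2 if path_len does not fit the harness. */
static int probe(resolve_fn resolve, size_t path_len)
{
    char storage[DEMO_MAXPATHLEN + 1];        /* logical buffer + canary byte */
    char path[DEMO_MAXPATHLEN + 2];

    if (path_len > DEMO_MAXPATHLEN + 1)
        return -2;
    memset(path, 'a', path_len);
    path[path_len] = '\0';

    memset(storage, 0, sizeof storage);
    storage[DEMO_MAXPATHLEN] = (char)CANARY;  /* the byte "after" the allocated buffer */

    if (resolve(storage, DEMO_MAXPATHLEN, path) != 0)
        return -1;
    return (unsigned char)storage[DEMO_MAXPATHLEN] != CANARY;
}

int vuln_clobbers_byte_after(size_t path_len)  { return probe(vuln_resolve, path_len); }
int fixed_clobbers_byte_after(size_t path_len) { return probe(fixed_resolve, path_len); }

int main(void)
{
    size_t lens[] = { DEMO_MAXPATHLEN - 1, DEMO_MAXPATHLEN, DEMO_MAXPATHLEN + 1 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("path_len=%2zu  vulnerable: %2d  fixed: %2d\n", lens[i],
               vuln_clobbers_byte_after(lens[i]), fixed_clobbers_byte_after(lens[i]));
    return 0;
}
```

Only the path of length exactly DEMO_MAXPATHLEN triggers the spill, which matches the description's "lengths close to system MAXPATHLEN": one byte shorter fits, one byte longer is rejected by both versions. In a real process the overwritten byte belongs to whatever the allocator or compiler placed next, which is why the advisory can only say "might lead to" unauthorized access or modification.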

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.6 | Impact: 5.9

Note: the subscores shown are consistent with this vector (UI:R gives exploitability 1.6; C:H/I:H/A:H with S:U gives impact 5.9), but under the CVSS 3.1 formula they combine to a base score of 7.5, not the 8.1 listed above. An 8.1 base score with these impact metrics requires UI:N (exploitability 2.2). Check the vector against the source record before relying on either number.
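A CVSS 3.1 base-score calculator, added here as a worked check and not part of the cvebase page or of any vendor tooling. It implements the base-score equations and the Roundup function from the CVSS v3.1 specification and evaluates the vector above beside a hypothetical UI:N variant, so the reader can see which vector the 8.1 headline score actually belongs to.

```c
#include <stdio.h>
#include <string.h>

/* Metric weights from the CVSS v3.1 specification, section 7.4. A negative return
 * marks an unknown metric value. */
static double weight_av(char v)
{
    switch (v) {
    case 'N': return 0.85; case 'A': return 0.62; case 'L': return 0.55; case 'P': return 0.20;
    }
    return -1.0;
}
static double weight_ac(char v)  { return v == 'L' ? 0.77 : v == 'H' ? 0.44 : -1.0; }
static double weight_ui(char v)  { return v == 'N' ? 0.85 : v == 'R' ? 0.62 : -1.0; }
static double weight_cia(char v) { return v == 'H' ? 0.56 : v == 'L' ? 0.22 : v == 'N' ? 0.0 : -1.0; }
static double weight_pr(char v, int scope_changed)
{
    switch (v) {
    case 'N': return 0.85;
    case 'L': return scope_changed ? 0.68 : 0.62;
    case 'H': return scope_changed ? 0.50 : 0.27;
    }
    return -1.0;
}

/* CVSS v3.1 Roundup (Appendix A): smallest one-decimal value >= x, computed on an
 * integer scaled by 100000 so floating-point noise cannot flip the result. */
static double roundup(double x)
{
    long long i = (long long)(x * 100000.0 + 0.5);
    if (i % 10000 == 0)
        return i / 100000.0;
    return (double)(i / 10000 + 1) / 10.0;
}

/* Single-letter value of a metric ("AV", "UI", ...) in a vector string, or 0 if absent.
 * The leading '/' in the needle keeps "/C:" from matching inside "/AC:". */
static char metric(const char *vec, const char *key)
{
    char needle[8];
    snprintf(needle, sizeof needle, "/%s:", key);
    const char *p = strstr(vec, needle);
    return p ? p[strlen(needle)] : 0;
}

/* Base score for a CVSS:3.1 vector, or -1.0 if the vector is malformed. Unrounded
 * exploitability and impact subscores are returned through the out-params when non-NULL. */
double cvss31_base_score(const char *vec, double *expl_out, double *impact_out)
{
    if (strncmp(vec, "CVSS:3.1/", 9) != 0) return -1.0;
    char s = metric(vec, "S");
    if (s != 'U' && s != 'C') return -1.0;
    int changed = (s == 'C');

    double av = weight_av(metric(vec, "AV")), ac = weight_ac(metric(vec, "AC"));
    double pr = weight_pr(metric(vec, "PR"), changed), ui = weight_ui(metric(vec, "UI"));
    double c = weight_cia(metric(vec, "C")), i = weight_cia(metric(vec, "I")), a = weight_cia(metric(vec, "A"));
    if (av < 0 || ac < 0 || pr < 0 || ui < 0 || c < 0 || i < 0 || a < 0) return -1.0;

    double iss  = 1.0 - (1.0 - c) * (1.0 - i) * (1.0 - a);
    double expl = 8.22 * av * ac * pr * ui;
    double impact;
    if (!changed) {
        impact = 6.42 * iss;
    } else {
        double t = iss - 0.02, p = 1.0;
        for (int k = 0; k < 15; k++) p *= t;          /* (ISS - 0.02)^15 without libm */
        impact = 7.52 * (iss - 0.029) - 3.25 * p;
    }
    if (expl_out)   *expl_out = expl;
    if (impact_out) *impact_out = impact;
    if (impact <= 0.0) return 0.0;

    double sum = changed ? 1.08 * (impact + expl) : impact + expl;
    return roundup(sum > 10.0 ? 10.0 : sum);
}

int main(void)
{
    /* First vector is the one shown on the page; the second is a hypothetical UI:N variant. */
    const char *vectors[] = {
        "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
    };
    for (int k = 0; k < 2; k++) {
        double expl, impact;
        double base = cvss31_base_score(vectors[k], &expl, &impact);
        printf("%s\n  exploitability %.1f  impact %.1f  base %.1f\n", vectors[k], expl, impact, base);
    }
    return 0;
}
```

The page's vector scores 7.5; only the UI:N variant reaches 8.1. When an aggregator's headline score and vector disagree, recompute rather than trust either, since downstream policy (patch SLAs, KEV-style triage) often keys off the number alone.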

Affected Packages (7 packages; 5 shown)

Source      Package          Affected from   Fixed in
NVD         php/php          8.0.0           8.0.28 (+2 further ranges)
CVEListV5   php_group/php    8.0.x           8.0.28 (+2 further ranges)
Debian      php7.4           -               < 7.4.33-1+deb11u3
Debian      php8.2           -               < 8.2.4-1
Ubuntu      php7.2           -               < 7.2.24-0ubuntu0.18.04.17

The upstream description names only the 8.0, 8.1 and 8.2 branches, but Debian and Ubuntu shipped fixed php7.x packages as well, so do not treat 7.x installations as out of scope when matching this CVE against an inventory.

Vulnerability Details (5)

OSV       php7.0 vulnerabilities                          2023-03-02
OSV       php7.2, php7.4, php8.1 vulnerabilities          2023-02-28
GHSA      GHSA-6gqv-38q3-6c47: In PHP 8                   2023-02-16
CVEList   Array overrun in common path resolve code       2023-02-16
OSV       CVE-2023-0568: In PHP 8                         2023-02-16

Vendor Advisories (6)

Oracle      Oracle Secure Backup Risk Matrix: Oracle Secure Backup (PHP), CVE-2023-0568   2023-10-15
Ubuntu      PHP vulnerabilities                                                           2023-03-02
Ubuntu      PHP vulnerabilities                                                           2023-02-28
Red Hat     php: 1-byte array overrun in common path resolve code                         2023-02-15
Microsoft   Array overrun in common path resolve code                                     2023-02-14
CVE-2023-0568 (HIGH CVSS 8.1) | In PHP 8.0.X before 8.0.28 | cvebase.io