CVE-2024-11235

CWE-416 — Use After Free8 documents7 sources

Severity

9.2CRITICAL

EPSS

1.5%

top 19.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PHP Group PHP PHP PHP

Timeline

PublishedApr 4

Latest updateApr 8

Description

In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages6 packages

▶NVDphp/php8.3.0 — 8.3.19+1

▶CVEListV5php_group/php8.4.* — 8.4.5+1

▶Debianphp8.4< 8.4.5-1+1

▶Ubuntuphp7.4< 7.4.3-4ubuntu2.29

▶Ubuntuphp8.1< 8.1.2-1ubuntu2.21

🔴Vulnerability Details

CVEList

Reference counting in php_request_shutdown causes Use-After-Free↗2025-04-04

▶

OSV

CVE-2024-11235: In PHP versions 8↗2025-04-04

▶

OSV

php7.4, php8.1, php8.3 vulnerabilities↗2025-03-31

▶

📋Vendor Advisories

Microsoft

Reference counting in php_request_shutdown causes Use-After-Free↗2025-04-08

▶

Red Hat

php: Reference counting in php_request_shutdown causes Use-After-Free↗2025-04-04

▶

Ubuntu

PHP vulnerabilities↗2025-03-31

▶

Debian

CVE-2024-11235: php8.4 - In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence invo...↗2024

▶