Bug 2170761 (CVE-2023-0662) - CVE-2023-0662 php: DoS vulnerability when parsing multipart request body
Summary: CVE-2023-0662 php: DoS vulnerability when parsing multipart request body
Keywords:
Status: NEW
Alias: CVE-2023-0662
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2170777 2170778 2174685 2174686 2174687 2174688 2174689
Blocks: 2170009
TreeView+ depends on / blocked
 
Reported: 2023-02-17 08:11 UTC by Sandipan Roy
Modified: 2024-01-24 10:53 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in PHP. This security flaw occurs when the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. A large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow the processing of legitimate user requests. The large volume of warning messages can wear down the disk and fill it up. A complete denial of service is achievable by sending many concurrent multipart requests in a loop. PHP parses the request body before invoking any application scripts. This vulnerability affects all PHP websites that accept POST request bodies (post_max_size set to a value greater than zero, the default value is 8MB).
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2023:6073 0 None None None 2023-10-24 10:36:04 UTC
Red Hat Product Errata RHSA-2023:5926 0 None None None 2023-10-19 13:14:59 UTC
Red Hat Product Errata RHSA-2023:5927 0 None None None 2023-10-19 13:24:32 UTC
Red Hat Product Errata RHSA-2024:0387 0 None None None 2024-01-24 10:53:31 UTC

Description Sandipan Roy 2023-02-17 08:11:56 UTC 
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.

https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
Comment 1 Sandipan Roy 2023-02-17 08:41:11 UTC 
Created php tracking bugs for this issue:

Affects: fedora-36 [bug 2170777]
Affects: fedora-37 [bug 2170778]
Comment 6 errata-xmlrpc 2023-10-19 13:14:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5926 https://access.redhat.com/errata/RHSA-2023:5926
Comment 7 errata-xmlrpc 2023-10-19 13:24:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5927 https://access.redhat.com/errata/RHSA-2023:5927
Comment 8 Ben 2024-01-10 13:08:57 UTC 
Is there going to be a fix for Red Hat Enterprise Linux 9 running php:8.1/php, please?
Comment 9 errata-xmlrpc 2024-01-24 10:53:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0387 https://access.redhat.com/errata/RHSA-2024:0387
Note You need to log in before you can comment on or make changes to this bug.