Bug 1132589 (CVE-2014-3597)
| Summary: | CVE-2014-3597 php: multiple buffer over-reads in php_parserr | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | falonso, jorton, jrusnack, osoukup, rcollet, webstack-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | php 5.5.16, php 5.4.32 | Doc Type: | Bug Fix |
| Doc Text: |
Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to crash a PHP application that used the dns_get_record() function to perform a DNS query.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-10-31 09:49:15 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1114521, 1140017, 1140018, 1140023, 1140026, 1140027, 1149762, 1149771 | ||
| Bug Blocks: | 1108453, 1138881, 1149858 | ||
|
Description
Vincent Danen
2014-08-21 15:26:18 UTC
This is corrected in upstream PHP 5.5.16 and 5.4.32: http://php.net/ChangeLog-5.php#5.5.16 http://php.net/ChangeLog-5.php#5.4.32 This does not seem to really qualify as "incomplete CVE-2014-4049 fix". The fix under CVE-2014-4049 addressed buffer over-write (with buffer over-read happening at the same time) that could lead to heap memory corruption. This additional fix adds additional checks against buffer over-reads, which are not limited to the processing of the TXT DNS resource records. Adjusting CVSSv2 score and impact rating, as it should not match score and rating of the CVE-2014-4049 issue. IssueDescription: Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to crash a PHP application that used the dns_get_record() function to perform a DNS query. This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2014:1326 https://rhn.redhat.com/errata/RHSA-2014-1326.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2014:1327 https://rhn.redhat.com/errata/RHSA-2014-1327.html This issue has been addressed in the following products: Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 Via RHSA-2014:1766 https://rhn.redhat.com/errata/RHSA-2014-1766.html This issue has been addressed in the following products: Red Hat Software Collections 1 for Red Hat Enterprise Linux 7 Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 Via RHSA-2014:1765 https://rhn.redhat.com/errata/RHSA-2014-1765.html Statement: This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 5. |