Red Hat Bugzilla – Bug 1298839
CVE-2016-1904 php: heap buffer overflow in escapeshell functions
Last modified: 2016-01-22 15:21:46 EST
There exist a heap-based buffer overflow that allows one to write a user
tainted data past an allocated buffer. This vulnerability lies in the
On a default php installation, the memory limit is set to 128MB and this
vulnerability is not triggerable. The analysis shows that this is
triggerable when memory limit is roughly > 1024mb.
Original report with reproducer:
Created php tracking bugs for this issue:
Affects: fedora-all [bug 1298843]
This patch affects PHP 7, so none of the available PHP version in RHEL or RHSCL is affected.
Apparently introduced in:
As noted in comment 2, this did not affect any PHP version as shipped in Red Hat Enterprise Linux and Red Hat Software Collections.