A heap corruption vulnerability when parsing tar/zip/phar file with empty content. Upstream bug: https://bugs.php.net/bug.php?id=71354 Upstream patch: https://git.php.net/?p=php-src.git;a=commitdiff;h=13ad4d3e971807f9a58ab5933182907dc2958539
Created php tracking bugs for this issue: Affects: fedora-all [bug 1305565]
CVE assignment: http://seclists.org/oss-sec/2016/q2/163
This issue is triggered by a specially-crafted Tar format Phar files. Phar files are distribution format for PHP applications (similar to Java Jar format) and their content is typically executed on the server. Malicious Phar archive can therefore execute code on the system without exploiting any parsing issues. If Phar extension is not used, it can be disabled by commenting out the following line: extension=phar.so in /etc/php.d/phar.ini to prevent loading of the extension.
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Via RHSA-2016:2750 https://rhn.redhat.com/errata/RHSA-2016-2750.html