A flaw was found in php. The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c (which can be reached with a call to the imagecreatefromstring() function) uses constant-sized color tables of size 3 * 256, but does not zero-out these arrays before use. This flaw could lead to a information leak through a specially crafted image with bogus color table. Upstream bug: https://bugs.php.net/bug.php?id=74435 Upstream patch: http://git.php.net/?p=php-src.git;a=commit;h=018092125538782b25d3ab6b036f0c8d5968f757 http://git.php.net/?p=php-src.git;a=commit;h=8dc4f4dc9e44d1cbfe4654aa6e0dc27c94913938 https://bugs.php.net/patch-display.php?bug=74435&patch=fix-74435-php-7.0&revision=1497970038 References: http://php.net/ChangeLog-5.php
Created php tracking bugs for this issue: Affects: fedora-all [bug 1473823]
Statement: Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. We recommend avoiding usage of the functions gdImageCreateFromGifCtx() and imagecreatefromstring() as they can lead to stack data leak. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Is it possible to get more details on why this issue would not be fixed ?
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:0406 https://access.redhat.com/errata/RHSA-2018:0406
*** Bug 1562758 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Via RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296