Bug 969996 - (CVE-2013-3735) CVE-2013-3735 php: DoS (memory exhaustion, application crash) via crafted function definition
CVE-2013-3735 php: DoS (memory exhaustion, application crash) via crafted fun...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
Blocks: 970004
  Show dependency treegraph
Reported: 2013-06-03 05:37 EDT by Jan Lieskovsky
Modified: 2015-07-31 03:06 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-06-04 00:49:55 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2013-06-03 05:37:38 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-3735 to the following vulnerability:

** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment.  NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id."

[1] https://bugs.php.net/bug.php?id=64660
[2] https://github.com/php/php-src/blob/php-5.4.16RC1/NEWS
[3] https://github.com/php/php-src/blob/php-5.5.0RC2/NEWS
[4] https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846
Comment 4 Huzaifa S. Sidhpurwala 2013-06-04 00:49:55 EDT

We do not consider memory safety hazards caused by malformed php scripts as a security issue. Also (as per upstream) OS-level security should be used to protect systems from memory exhaustion caused by php applications.

Note You need to log in before you can comment on or make changes to this bug.