Common Vulnerabilities and Exposures assigned an identifier CVE-2015-2787 to the following vulnerability: Name: CVE-2015-2787 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787 Assigned: 20150329 Reference: https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
Created php tracking bugs for this issue: Affects: fedora-all [bug 1207678]
Upstream bug: https://bugs.php.net/bug.php?id=68976 Upstream commits: http://git.php.net/?p=php-src.git;a=commitdiff;h=780222f97f47644a6a118ada86a269a96a1e8134 http://git.php.net/?p=php-src.git;a=commitdiff;h=d76b293ac71aa5bd4e9a433192afef6e0dd5a4ee
Commit in PHP 5.4 Fix: http://git.php.net/?p=php-src.git;a=commit;h=646572d6d3847d68124b03936719f60936b49a38 Test: http://git.php.net/?p=php-src.git;a=commit;h=8b14d3052ffcffa17d6e2be652f20e18f8f562ad
Can you provide an update on the status of this bug? The NIST NVD shows a higher vuln score than your whiteboard comments show (above). This is the NIST rating: Original release date: 03/30/2015 Last revised: 04/13/2015 Source: US-CERT/NIST CVSS Severity (version 2.0): CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) Impact Subscore: 6.4 Exploitability Subscore: 10.0 CVSS Version 2 Metrics: Access Vector: Network exploitable Access Complexity: Low Authentication: Not required to exploit Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service (from https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2787) They have placed the severity of this vuln at a higher level than shown in your whiteboard comments (above). Thanks.
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS Via RHSA-2015:1066 https://rhn.redhat.com/errata/RHSA-2015-1066.html
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS Via RHSA-2015:1053 https://rhn.redhat.com/errata/RHSA-2015-1053.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:1135 https://rhn.redhat.com/errata/RHSA-2015-1135.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2015:1218 https://rhn.redhat.com/errata/RHSA-2015-1218.html