FS#42764 - [php] CVE-2014-3710: denial of service through out-of-bounds read

Attached to Project: Arch Linux
Opened by Levente Polyak (anthraxx) - Wednesday, 12 November 2014, 20:10 GMT
Last edited by Pierre Schmitz (Pierre) - Thursday, 13 November 2014, 17:42 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Pierre Schmitz (Pierre)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Summary:
It has been reported [0] that php 5.6.2-2 is vulnerable to out-of-bounds read resulting in denial of service. This issue is tracked as CVE-2014-3710 [1].

Description:
An out-of-bounds read flaw was found in the way the file information (fileinfo) extension parsed executable and linkable format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.

Mitigation:
The problem has been tracked [2] and fixed upstream [3] but no release is available yet.
We recommend to backport the patch until a release is available.

The attached patch does apply fine with:
# patch -p1 -i "${srcdir}/CVE-2014-3710.patch"

This bug is related to  FS#42759 

[0] https://bugzilla.redhat.com/show_bug.cgi?id=1155071
[1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3710
[2] https://bugs.php.net/bug.php?id=68283
[3] http://git.php.net/?p=php-src.git;a=patch;h=1803228597e82218a8c105e67975bc50e6f5bf0d
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Thursday, 13 November 2014, 17:42 GMT
Reason for closing:  Fixed
Comment by Pierre Schmitz (Pierre) - Wednesday, 12 November 2014, 20:51 GMT
This will be fixed in 5.6.3 which was tagged today. No idea when it will be released though.

Loading...