
Bug 537586 (CVE-2015-1351)

Summary: <dev-lang/php-5.6.7: Multiple vulnerabilities (CVE-2015-{1351,1352})
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: php-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.openwall.com/lists/oss-security/2015/01/08/2
Whiteboard: A3 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2015-01-24 20:05:36 UTC
From ${URL} :

Use after free in 'opcache' component of PHP
Bug report: https://bugs.php.net/bug.php?id=68677&edit=2
Commit fix:
http://git.php.net/?p=php-src.git;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115


Uninitialized Pointer Read in PHP core ('fopen()')
Bug report: https://bugs.php.net/bug.php?id=68692&edit=2
Commit fix:
http://git.php.net/?p=php-src.git;a=commit;h=7ebdc8d70d7617f2c3353b027663ef54a24a2248


Uninitialized Pointer Read in PHP core
Bug report: https://bugs.php.net/bug.php?id=68694&edit=2
Commit fix:
http://git.php.net/?p=php-src.git;a=commit;h=f3ea1b0b6a42a08093bf9191ad76fb4b5e0a653b


Null Pointer Dereference in pgsql
Bug report: https://bugs.php.net/bug.php?id=68741&edit=2
Commit fix:
http://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e


Null Pointer Dereference in ereg(regex)
Bug report: https://bugs.php.net/bug.php?id=68740&edit=2
Commit fix:
http://git.php.net/?p=php-src.git;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-02-24 20:25:35 UTC
@maintainers: should the opcache and fopen issues be backported to current versions? Based on a quick glance at the code, the issues seem to still affect 5.5.22 at least (from what I can see, the other issues were determined to be invalid as security fixes based on the ${URL} thread).
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-03-07 06:53:10 UTC
Maintainer(s): does the current version going through stabilization contain a fix for this? Stabilization versions: 5.4.38, 5.5.22, 5.6.6 as part of Bug 541098?
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2016-03-14 11:42:17 UTC
Per the CVE: "Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."

Added to existing GLSA.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2016-06-19 00:26:16 UTC
This issue was resolved and addressed in
 GLSA 201606-10 at https://security.gentoo.org/glsa/201606-10
by GLSA coordinator Kristian Fiskerstrand (K_F).