CVE-2017-5340

Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.

| Provider | Type | Base Score | Attack Vector | Attack Complexity | Privileges Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

EPSS Score percentile: 96%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| php | php | 7.0.0 ≤ 𝑥 < 7.0.15 |
| php | php | 7.1.0 ≤ 𝑥 < 7.1.1 |
| netapp | clustered_data_ontap | - |

𝑥 = Vulnerable software versions

Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| php7.0 | precise | dne |
| php7.0 | trusty | dne |
| php7.0 | xenial | Fixed 7.0.15-0ubuntu0.16.04.2 (released) |
| php7.0 | yakkety | Fixed 7.0.15-0ubuntu0.16.10.2 (released) |

Amazon Linux Releases

| Amazon Package | Release | Version | Status |
|---|---|---|---|
| php70 | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-bcmath | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-cli | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-common | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-dba | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-dbg | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-debuginfo | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-devel | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-embedded | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-enchant | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-fpm | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-gd | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-gmp | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-imap | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-intl | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-json | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-ldap | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-mbstring | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-mcrypt | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-mysqlnd | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-odbc | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-opcache | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-pdo | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-pdo-dblib | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-pgsql | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-process | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-pspell | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-recode | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-snmp | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-soap | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-tidy | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-xml | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-xmlrpc | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |
| php70-zip | Amazon Linux 1 | 0:7.0.16-1.21.amzn1 | fixed |