WARNING: CRITICAL OUT-OF-BOUNDS WRITE VULNERABILITY IN PHP, PATCH IMMEDIATELY!
CVE-2024-11236: CVSS: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Sources
GitHub advisory: https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
GitHub advisory: https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
Risks
PHP is a scripting language that is widely used to make interactive Web pages.
PHP versions before 8.1.31, 8.2.26 and 8.3.14 contain a critical integer overflow vulnerability that can result in out-of-bounds (OOB) writes: input can be written to memory outside the buffer reserved for it. Because an OOB write corrupts memory beyond the intended buffer, the impact on confidentiality, integrity and availability is rated high.
Description
PDO_FIREBIRD and PDO_DBLIB are drivers that implement the PDO (PHP Data Objects) interface to give PHP access to Firebird databases and to Microsoft SQL Server/Sybase databases respectively. In these components the ZSTR_MAX_LEN limit can be exceeded, resulting in an integer overflow that can eventually lead to out-of-bounds (OOB) writes.
Recommended actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
The vulnerability is patched in versions 8.1.31, 8.2.26, 8.3.14 and above.
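As an added example (not part of the CCB advisory), the following POSIX shell script compares a PHP version string against the fixed releases listed above (8.1.31, 8.2.26, 8.3.14) and, when a `php` binary is on PATH (an assumption), reports the installed version together with whether the affected PDO drivers are loaded. Branches that are not listed in the advisory (8.0 and older, 8.4 and newer) are reported as "not-listed" rather than guessed at.

```shell
#!/bin/sh
# Added example, not code from the CCB advisory or the PHP project.
# Classifies a PHP version against the fixed releases 8.1.31 / 8.2.26 / 8.3.14.

# Fixed release for a given MAJOR.MINOR branch, or empty when the advisory
# lists no fixed release for that branch.
fixed_for_branch() {
    case "$1" in
        8.1) echo 8.1.31 ;;
        8.2) echo 8.2.26 ;;
        8.3) echo 8.3.14 ;;
        *)   echo "" ;;
    esac
}

# Split "MAJOR.MINOR.PATCH[suffix]" into three integers, dropping any suffix
# such as "-dev" or "RC1" from the patch component; missing parts become 0.
split_version() {
    v=$1
    maj=${v%%.*}
    case $v in *.*) v=${v#*.} ;; *) v=0 ;; esac
    min=${v%%.*}
    case $v in *.*) v=${v#*.} ;; *) v=0 ;; esac
    pat=${v%%[!0-9]*}
    echo "$maj $min ${pat:-0}"
}

# True (exit 0) when version $1 is greater than or equal to version $2.
version_ge() {
    set -- $(split_version "$1") $(split_version "$2")
    [ "$1" -gt "$4" ] && return 0
    [ "$1" -lt "$4" ] && return 1
    [ "$2" -gt "$5" ] && return 0
    [ "$2" -lt "$5" ] && return 1
    [ "$3" -ge "$6" ]
}

# Prints "patched", "vulnerable" or "not-listed" for a version string and
# returns 0 only when the version is at or above the fix for its branch.
php_status() {
    set -- $(split_version "$1") "$1"
    fixed=$(fixed_for_branch "$1.$2")
    if [ -z "$fixed" ]; then
        echo not-listed     # advisory names no fixed release for this branch
        return 1
    fi
    if version_ge "$4" "$fixed"; then
        echo patched
        return 0
    fi
    echo vulnerable
    return 1
}

# Inspect the interpreter on PATH (assumes `php` is installed). The affected
# code lives in the PDO drivers, so also report whether they are loaded.
check_installed_php() {
    ver=$(php -r 'echo PHP_VERSION;') || return 1
    printf 'PHP %s: ' "$ver"
    php_status "$ver"
    php -r 'foreach (["pdo_firebird", "pdo_dblib"] as $e) {
        echo $e, ": ", extension_loaded($e) ? "loaded" : "not loaded", "\n";
    }'
}

# Run the live check only when a php binary is actually available.
command -v php >/dev/null 2>&1 && check_installed_php
```

A "vulnerable" result on a host where neither pdo_firebird nor pdo_dblib is loaded still calls for the update, since the drivers can be enabled later; the extension report is there to help prioritise, not to exclude hosts.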
Monitor/Detect
The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident
While patching appliances or software to the newest version protects against future exploitation, it does not remediate a historic compromise.
References
PHP Security Bulletin 8.1.31: https://www.php.net/ChangeLog-8.php#8.1.31
PHP Security Bulletin 8.2.26: https://www.php.net/ChangeLog-8.php#8.2.26
PHP Security Bulletin 8.3.14: https://www.php.net/ChangeLog-8.php#8.3.14