Skip to Main Content

Bruin Learn access is restored. UCLA Digital and Technology Solutions and Bruin Learn administrators are continuing to monitor for delays or unexpected issues with the restoration of UCLA’s Canvas environment. If you continue to experience any issues with Bruin Learn, please reach out to BruinLearn-Support@it.ucla.edu

Multiple Vulnerabilities in PHP Could Allow for Denial of Service

Date(s) Issues: 05/18/2020

Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for a denial-of-service condition. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow an attacker to crash the PHP process. This could allow for a denial-of-service condition once the process stops running.

 

Systems Affected

  • PHP 7.2 Prior to Version 7.2.3
  • PHP 7.2.4 Prior to Version 7.3.17
  • PHP 7.3.2 Prior to Version 7.4.5

 

Risk

GOVERNMENT

  • Large and medium government entities: HIGH
  • Small government entities: HIGH

BUSINESSES

  • Large and medium business entities: HIGH
  • Small business entities: HIGH

 

Technical Summary

Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for a denial-of-service condition. Details of these vulnerabilities are as below:

Version 7.2.30

  • Bug #79468 (SIGSEGV when closing stream handle with a stream filter appended).
  • Bug #79330 (shell_exec() silently truncates after a null byte).
  • Bug #79465 (OOB Read in urldecode()).

Version 7.3.17

  • Bug #79364 (When copy empty array, next key is unspecified).
  • Bug #78210 (Invalid pointer address).
  • Bug #79199 (curl_copy_handle() memory leak).
  • Bug #79396 (DateTime hour incorrect during DST jump forward).
  • Bug #79200 (Some iconv functions cut Windows-1258).
  • Bug #79412 (Opcache chokes and uses 100% CPU on specific script).
  • Bug #79413 (session_create_id() fails for active sessions).
  • Bug #79427 (Integer Overflow in shmop_open()).
  • Bug #61597 (SXE properties may lack attributes and content).
  • Bug #75673 (SplStack::unserialize() behavior).
  • Bug #79393 (Null coalescing operator failing with SplFixedArray).
  • Bug #79330 (shell_exec() silently truncates after a null byte).
  • Bug #79465 (OOB Read in urldecode()). (CVE-2020-7067)
  • Bug #79410 (system() swallows last chunk if it is exactly 4095 bytes without newline).
  • Bug #79296 (ZipArchive::open fails on empty file).
  • Bug #79424 (php_zip_glob uses gl_pathc after call to globfree).
REFERENCES

Center for Internet Security

Tags
Vulnerability