SUSE SLES12 Security Update : php72 (SUSE-SU-2022:0577-1)

critical Nessus Plugin ID 158448

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0577-1 advisory.

- An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php- fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility. (CVE-2015-9253)

- The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string. (CVE-2017-8923)

- In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended. (CVE-2021-21707)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1038980

https://bugzilla.suse.com/1081790

https://bugzilla.suse.com/1193041

https://www.suse.com/security/cve/CVE-2015-9253

https://www.suse.com/security/cve/CVE-2017-8923

https://www.suse.com/security/cve/CVE-2021-21707

http://www.nessus.org/u?5d43e80a

Plugin Details

Severity: Critical

ID: 158448

File Name: suse_SU-2022-0577-1.nasl

Version: 1.7

Type: local

Agent: unix

Published: 2/26/2022

Updated: 10/18/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-8923

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:php72-opcache, p-cpe:/a:novell:suse_linux:php72-pgsql, p-cpe:/a:novell:suse_linux:php72-pear, p-cpe:/a:novell:suse_linux:php72-bz2, p-cpe:/a:novell:suse_linux:php72-openssl, p-cpe:/a:novell:suse_linux:php72-sockets, p-cpe:/a:novell:suse_linux:php72-calendar, p-cpe:/a:novell:suse_linux:php72-fileinfo, p-cpe:/a:novell:suse_linux:php72-xsl, p-cpe:/a:novell:suse_linux:php72-xmlrpc, p-cpe:/a:novell:suse_linux:php72-soap, p-cpe:/a:novell:suse_linux:php72-tidy, p-cpe:/a:novell:suse_linux:php72-odbc, p-cpe:/a:novell:suse_linux:apache2-mod_php72, p-cpe:/a:novell:suse_linux:php72-phar, p-cpe:/a:novell:suse_linux:php72-wddx, p-cpe:/a:novell:suse_linux:php72-json, p-cpe:/a:novell:suse_linux:php72-iconv, p-cpe:/a:novell:suse_linux:php72-devel, p-cpe:/a:novell:suse_linux:php72-sysvsem, p-cpe:/a:novell:suse_linux:php72-pcntl, p-cpe:/a:novell:suse_linux:php72-snmp, p-cpe:/a:novell:suse_linux:php72-ftp, p-cpe:/a:novell:suse_linux:php72-gmp, p-cpe:/a:novell:suse_linux:php72-sysvshm, p-cpe:/a:novell:suse_linux:php72-dba, p-cpe:/a:novell:suse_linux:php72-gd, p-cpe:/a:novell:suse_linux:php72-fpm, p-cpe:/a:novell:suse_linux:php72-pspell, p-cpe:/a:novell:suse_linux:php72-shmop, p-cpe:/a:novell:suse_linux:php72-mbstring, p-cpe:/a:novell:suse_linux:php72-ldap, p-cpe:/a:novell:suse_linux:php72-sqlite, p-cpe:/a:novell:suse_linux:php72-fastcgi, p-cpe:/a:novell:suse_linux:php72-zip, p-cpe:/a:novell:suse_linux:php72-bcmath, p-cpe:/a:novell:suse_linux:php72-pdo, p-cpe:/a:novell:suse_linux:php72-ctype, p-cpe:/a:novell:suse_linux:php72, p-cpe:/a:novell:suse_linux:php72-curl, p-cpe:/a:novell:suse_linux:php72-exif, p-cpe:/a:novell:suse_linux:php72-enchant, p-cpe:/a:novell:suse_linux:php72-xmlreader, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:php72-xmlwriter, p-cpe:/a:novell:suse_linux:php72-readline, p-cpe:/a:novell:suse_linux:php72-sodium, p-cpe:/a:novell:suse_linux:php72-imap, p-cpe:/a:novell:suse_linux:php72-dom, p-cpe:/a:novell:suse_linux:php72-pear-archive_tar, p-cpe:/a:novell:suse_linux:php72-tokenizer, p-cpe:/a:novell:suse_linux:php72-gettext, p-cpe:/a:novell:suse_linux:php72-zlib, p-cpe:/a:novell:suse_linux:php72-posix, p-cpe:/a:novell:suse_linux:php72-mysql, p-cpe:/a:novell:suse_linux:php72-sysvmsg, p-cpe:/a:novell:suse_linux:php72-intl

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/25/2022

Vulnerability Publication Date: 5/12/2017

Reference Information

CVE: CVE-2015-9253, CVE-2017-8923, CVE-2021-21707

IAVA: 2021-A-0566-S

IAVB: 2017-B-0060-S

SuSE: SUSE-SU-2022:0577-1