Detections
Analytics

Fedora 37 : php (2023-c68f2227e6)

critical Nessus Plugin ID 179687

Language:

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c68f2227e6 advisory.

 **PHP version 8.1.22** (03 Aug 2023)

 **Build:**

 * Fixed bug [GH-11522](https://github.com/php/php-src/issues/11522) (PHP version check fails with '-' separator). (SVGAnimate)

 **CLI:**

 * Fix interrupted CLI output causing the process to exit. (nielsdos)

 **Core:**

 * Fixed oss-fuzz php#60011 (Mis-compilation of by-reference nullsafe operator). (ilutov)
 * Fixed use-of-uninitialized-value with ??= on assert. (ilutov)
 * Fixed build for FreeBSD before the 11.0 releases. (David Carlier)

 **Curl:**

 * Fix crash when an invalid callback function is passed to CURLMOPT_PUSHFUNCTION. (nielsdos)

 **Date:**

 * Fixed bug [GH-11368](https://github.com/php/php-src/issues/11368) (Date modify returns invalid datetime). (Derick)

 **DOM:**

 * Fixed bug [GH-11625](https://github.com/php/php-src/issues/11625) (DOMElement::replaceWith() doesn't replace node with DOMDocumentFragment but just deletes node or causes wrapping <></> depending on libxml2 version). (nielsdos)

 **Fileinfo:**

 * Fixed bug [GH-11298](https://github.com/php/php-src/issues/11298) (finfo returns wrong mime type for xz files). (Anatol)

 **FTP:**

 * Fix context option check for overwrite. (JonasQuinten)
 * Fixed bug [GH-10562](https://github.com/php/php-src/issues/10562) (Memory leak and invalid state with consecutive ftp_nb_fget). (nielsdos)

 **GD:**

 * Fix most of the external libgd test failures. (Michael Orlitzky)

 **Hash:**

 * Fix use-of-uninitialized-value in hash_pbkdf2(), fix missing $options parameter in signature. (ilutov)

 **Intl:**

 * Fix memory leak in MessageFormatter::format() on failure. (Girgias)

 **Libxml:**

 * Fixed bug [GHSA-3qrf-m4j2-pcrr](https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr) (Security issue with external entity loading in XML without enabling it). (**CVE-2023-3823**) (nielsdos, ilutov)

 **MBString:**

 * Fix [GH-11300](https://github.com/php/php-src/issues/11300) (license issue: restricted unicode license headers). (nielsdos)

 **Opcache:**

 * Fixed bug [GH-10914](https://github.com/php/php-src/issues/10914) (OPCache with Enum and Callback functions results in segmentation fault). (nielsdos)
 * Prevent potential deadlock if accelerated globals cannot be allocated. (nielsdos)

 **PCNTL:**

 * Fixed bug [GH-11498](https://github.com/php/php-src/issues/11498) (SIGCHLD is not always returned from proc_open). (nielsdos)

 **PCRE:**

 * Mangle PCRE regex cache key with JIT option. (mvorisek)

 **PDO:**

 * Fix [GH-11587](https://github.com/php/php-src/issues/11587) (After php8.1, when PDO::ATTR_EMULATE_PREPARES is true and PDO::ATTR_STRINGIFY_FETCHES is true, decimal zeros are no longer filled). (SakiTakamachi)

 **PDO SQLite:**

 * Fix [GH-11492](https://github.com/php/php-src/issues/11492) (Make test failure:
 ext/pdo_sqlite/tests/bug_42589.phpt). (KapitanOczywisty, CViniciusSDias)

 **Phar:**

 * Add missing check on EVP_VerifyUpdate() in phar util. (nielsdos)
 * Fixed bug [GHSA-jqcx-ccgc-xwhv](https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv) (Buffer mismanagement in phar_dir_read()). (**CVE-2023-3824**) (nielsdos)

 **PHPDBG:**

 * Fixed bug [GH-9669](https://github.com/php/php-src/issues/9669) (phpdbg -h options doesn't list the -z option). (adsr)

 **Session:**

 * Removed broken url support for transferring session ID. (ilutov)

 **Standard:**

 * Fix serialization of RC1 objects appearing in object graph twice. (ilutov)

 **SQLite3:**

 * Fix replaced error handling in SQLite3Stmt::__construct. (nielsdos)

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected php package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2023-c68f2227e6

Plugin Details

Severity: Critical

ID: 179687

File Name: fedora_2023-c68f2227e6.nasl

Version: 1.7

Type: local

Agent: unix

Published: 8/11/2023

Updated: 11/14/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, continuous_assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-3824

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:37

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/2/2023

Vulnerability Publication Date: 8/2/2023

Reference Information

CVE: CVE-2023-3823, CVE-2023-3824

FEDORA: 2023-c68f2227e6

IAVA: 2023-A-0423-S