960177 – (CVE-2015-8617) VUL-0: CVE-2015-8617 php7: Format string vulnerability in class name error message

Bug 960177 (CVE-2015-8617) - VUL-0: CVE-2015-8617 php7: Format string vulnerability in class name error message

Summary: VUL-0: CVE-2015-8617 php7: Format string vulnerability in class name error me...

Status:	RESOLVED FIXED

Alias:	CVE-2015-8617

Product:	openSUSE.org
Classification:	openSUSE
Component:	3rd party software (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major (vote)
Target Milestone:	---
Assignee:	Petr Gajdos
QA Contact:	E-mail List

URL:	https://smash.suse.de/issue/160031/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-12-23 15:44 UTC by Andreas Stieger
Modified:	2015-12-28 10:22 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Stieger 2015-12-23 15:44:06 UTC

A format string vulnerability in php-7.0.0 was found, due to how non-existent class names are handled. This issue is potentially exploitable for code execution.

Upstream bug:

https://bugs.php.net/bug.php?id=71105

Upstream patch:

https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e

CVE assignment:

http://seclists.org/oss-sec/2015/q4/561


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1293880
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8617
http://seclists.org/oss-sec/2015/q4/561
https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e
https://bugs.php.net/bug.php?id=71105

Comment 1 Andreas Stieger 2015-12-23 15:45:16 UTC

devel:languages:php:php7/php7 only

Comment 2 Swamp Workflow Management 2015-12-23 23:00:13 UTC

bugbot adjusting priority

Comment 3 Petr Gajdos 2015-12-28 10:22:06 UTC

7.0.1 containing the fix is already in devel:languages:php since 2015-12-21.