In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
https://www.hivepro.com/blog/lockbit-takedown-and-resurgence/
https://securityaffairs.com/159584/cyber-crime/lockbit-gang-resumed-raas.html
https://thehackernews.com/2024/02/lockbit-ransomwares-darknet-domains.html?&web_view=true
https://www.theregister.com/2024/02/20/nca_lockbit_takedown/
https://security.netapp.com/advisory/ntap-20230825-0001/
https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html