RHEL 8 : php:7.2 (RHSA-2020:1624)

High Nessus Plugin ID 136057

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1624 advisory.

- php: Buffer over-read in PHAR reading functions (CVE-2018-20783)

- php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034)

- php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035)

- php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036)

- php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039)

- php: Buffer over-read in exif_read_data() (CVE-2019-11040)

- php: Heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)

- php: Heap buffer over-read in exif_process_user_comment() (CVE-2019-11042)

- php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)

- php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021)

- php: memcpy with negative length via crafted DNS response (CVE-2019-9022)

- php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023)

- php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)

- php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637)

- php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638, CVE-2019-9639)

- php: Invalid read in exif_process_SOFn() (CVE-2019-9640)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/190.html

https://cwe.mitre.org/data/definitions/125.html

https://cwe.mitre.org/data/definitions/125.html

https://cwe.mitre.org/data/definitions/120.html

https://cwe.mitre.org/data/definitions/120.html

https://cwe.mitre.org/data/definitions/119.html

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/119.html

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/125.html

https://cwe.mitre.org/data/definitions/266.html

https://cwe.mitre.org/data/definitions/665.html

https://cwe.mitre.org/data/definitions/665.html

https://cwe.mitre.org/data/definitions/125.html

https://access.redhat.com/errata/RHSA-2020:1624

https://access.redhat.com/security/cve/CVE-2018-20783

https://access.redhat.com/security/cve/CVE-2019-11034

https://access.redhat.com/security/cve/CVE-2019-11035

https://access.redhat.com/security/cve/CVE-2019-11036

https://access.redhat.com/security/cve/CVE-2019-11039

https://access.redhat.com/security/cve/CVE-2019-11040

https://access.redhat.com/security/cve/CVE-2019-11041

https://access.redhat.com/security/cve/CVE-2019-11042

https://access.redhat.com/security/cve/CVE-2019-9020

https://access.redhat.com/security/cve/CVE-2019-9021

https://access.redhat.com/security/cve/CVE-2019-9022

https://access.redhat.com/security/cve/CVE-2019-9023

https://access.redhat.com/security/cve/CVE-2019-9024

https://access.redhat.com/security/cve/CVE-2019-9637

https://access.redhat.com/security/cve/CVE-2019-9638

https://access.redhat.com/security/cve/CVE-2019-9639

https://access.redhat.com/security/cve/CVE-2019-9640

https://bugzilla.redhat.com/1680545

https://bugzilla.redhat.com/1685123

https://bugzilla.redhat.com/1685132

https://bugzilla.redhat.com/1685398

https://bugzilla.redhat.com/1685404

https://bugzilla.redhat.com/1685412

https://bugzilla.redhat.com/1688897

https://bugzilla.redhat.com/1688922

https://bugzilla.redhat.com/1688934

https://bugzilla.redhat.com/1688939

https://bugzilla.redhat.com/1702246

https://bugzilla.redhat.com/1702256

https://bugzilla.redhat.com/1707299

https://bugzilla.redhat.com/1724152

https://bugzilla.redhat.com/1724154

https://bugzilla.redhat.com/1739459

https://bugzilla.redhat.com/1739465

Plugin Details

Severity: High

ID: 136057

File Name: redhat-RHSA-2020-1624.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2020/04/28

Updated: 2020/05/20

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2019-9023

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:redhat:enterprise_linux:8, cpe:/a:redhat:enterprise_linux:8::appstream, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:apcu-panel, p-cpe:/a:redhat:enterprise_linux:libzip, p-cpe:/a:redhat:enterprise_linux:libzip-debugsource, p-cpe:/a:redhat:enterprise_linux:libzip-devel, p-cpe:/a:redhat:enterprise_linux:libzip-tools, p-cpe:/a:redhat:enterprise_linux:php, p-cpe:/a:redhat:enterprise_linux:php-bcmath, p-cpe:/a:redhat:enterprise_linux:php-cli, p-cpe:/a:redhat:enterprise_linux:php-common, p-cpe:/a:redhat:enterprise_linux:php-dba, p-cpe:/a:redhat:enterprise_linux:php-dbg, p-cpe:/a:redhat:enterprise_linux:php-debugsource, p-cpe:/a:redhat:enterprise_linux:php-devel, p-cpe:/a:redhat:enterprise_linux:php-embedded, p-cpe:/a:redhat:enterprise_linux:php-enchant, p-cpe:/a:redhat:enterprise_linux:php-fpm, p-cpe:/a:redhat:enterprise_linux:php-gd, p-cpe:/a:redhat:enterprise_linux:php-gmp, p-cpe:/a:redhat:enterprise_linux:php-intl, p-cpe:/a:redhat:enterprise_linux:php-json, p-cpe:/a:redhat:enterprise_linux:php-ldap, p-cpe:/a:redhat:enterprise_linux:php-mbstring, p-cpe:/a:redhat:enterprise_linux:php-mysqlnd, p-cpe:/a:redhat:enterprise_linux:php-odbc, p-cpe:/a:redhat:enterprise_linux:php-opcache, p-cpe:/a:redhat:enterprise_linux:php-pdo, p-cpe:/a:redhat:enterprise_linux:php-pear, p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu, p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource, p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel, p-cpe:/a:redhat:enterprise_linux:php-pecl-zip, p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource, p-cpe:/a:redhat:enterprise_linux:php-pgsql, p-cpe:/a:redhat:enterprise_linux:php-process, p-cpe:/a:redhat:enterprise_linux:php-recode, p-cpe:/a:redhat:enterprise_linux:php-snmp, p-cpe:/a:redhat:enterprise_linux:php-soap, p-cpe:/a:redhat:enterprise_linux:php-xml, p-cpe:/a:redhat:enterprise_linux:php-xmlrpc

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 2020/04/28

Vulnerability Publication Date: 2019/02/21

Reference Information

CVE: CVE-2018-20783, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042

BID: 107121, 107154, 107156, 107379, 107794, 108177, 108520, 108525

RHSA: 2020:1624

CWE: 119, 120, 122, 125, 190, 266, 665