Detections
Analytics

Fedora 42 : php (2025-2c344545bf)

high Nessus Plugin ID 242042

Language:

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2c344545bf advisory.

 **PHP version 8.4.10** (03 Jul 2025)

 **BcMath:**

 * Fixed bug [GH-18641](https://github.com/php/php-src/issues/18641) (Accessing a BcMath\Number property by ref crashes). (nielsdos)

 **Core:**

 * Fixed bugs [GH-17711](https://github.com/php/php-src/issues/17711) and [GH-18022](https://github.com/php/php-src/issues/18022) (Infinite recursion on deprecated attribute evaluation) and [GH-18464](https://github.com/php/php-src/issues/18464) (Recursion protection for deprecation constants not released on bailout). (DanielEScherzer and ilutov)
 * Fixed [GH-18695](https://github.com/php/php-src/issues/18695) (zend_ast_export() - float number is not preserved). (Oleg Efimov)
 * Fix handling of references in zval_try_get_long(). (nielsdos)
 * Do not delete main chunk in zend_gc. (danog, Arnaud)
 * Fix compile issues with zend_alloc and some non-default options. (nielsdos)

 **Curl:**

 * Fix memory leak when setting a list via curl_setopt fails. (nielsdos)

 **Date:**

 * Fix leaks with multiple calls to DatePeriod iterator current(). (nielsdos)

 **DOM:**

 * Fixed bug [GH-18744](https://github.com/php/php-src/issues/18744) (classList works not correctly if copy HTMLElement by clone keyword). (nielsdos)

 **FPM:**

 * Fixed [GH-18662](https://github.com/php/php-src/issues/18662) (fpm_get_status segfault). (txuna)

 **Hash:**

 * Fixed bug [GH-14551](https://github.com/php/php-src/issues/14551) (PGO build fails with xxhash).
 (nielsdos)

 **Intl:**

 * Fix memory leak in intl_datetime_decompose() on failure. (nielsdos)
 * Fix memory leak in locale lookup on failure. (nielsdos)

 **Opcache:**

 * Fixed bug [GH-18743](https://github.com/php/php-src/issues/18743) (Incompatibility in Inline TLS Assembly on Alpine 3.22). (nielsdos, Arnaud)

 **ODBC:**

 * Fix memory leak on php_odbc_fetch_hash() failure. (nielsdos)

 **OpenSSL:**

 * Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure. (nielsdos)
 * Fixed bug php#74796 (Requests through http proxy set peer name). (Jakub Zelenka)

 **PGSQL:**

 * Fixed [GHSA-hrwm-9436-5mv3](https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3) (pgsql extension does not check for errors during escaping). (**CVE-2025-1735**) (Jakub Zelenka)

 **PDO ODBC:**

 * Fix memory leak if WideCharToMultiByte() fails. (nielsdos)

 **PDO Sqlite:**

 * Fixed memory leak with Pdo_Sqlite::createCollation when the callback has an incorrect return type.
 (David Carlier)

 **Phar:**

 * Add missing filter cleanups on phar failure. (nielsdos)
 * Fixed bug [GH-18642](https://github.com/php/php-src/issues/18642) (Signed integer overflow in ext/phar fseek). (nielsdos)

 **PHPDBG:**

 * Fix 'phpdbg --help' segfault on shutdown with USE_ZEND_ALLOC=0. (nielsdos)

 **PGSQL:**

 * Fix warning not being emitted when failure to cancel a query with pg_cancel_query(). (Girgias)

 **Random:**

 * Fix reference type confusion and leak in user random engine. (nielsdos, timwolla)

 **Readline:**

 * Fix memory leak when calloc() fails in php_readline_completion_cb(). (nielsdos)

 **SimpleXML:**

 * Fixed bug [GH-18597](https://github.com/php/php-src/issues/18597) (Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes). (nielsdos)

 **SOAP:**

 * Fix memory leaks in php_http.c when call_user_function() fails. (nielsdos)
 * Fixed [GHSA-453j-q27h-5p8x](https://github.com/php/php-src/security/advisories/GHSA-453j-q27h-5p8x) (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (**CVE-2025-6491**) (Lekssays, nielsdos)

 **Standard:**

 * Fixed [GHSA-3cr5-j632-f35r](https://github.com/php/php-src/security/advisories/GHSA-3cr5-j632-f35r) (Null byte termination in hostnames). (**CVE-2025-1220**) (Jakub Zelenka)

 **Tidy:**

 * Fix memory leak in tidy output handler on error. (nielsdos)
 * Fix tidyOptIsReadonly deprecation, using tidyOptGetCategory. (David Carlier)


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected php package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2025-2c344545bf

Plugin Details

Severity: High

ID: 242042

File Name: fedora_2025-2c344545bf.nasl

Version: 1.1

Type: local

Agent: unix

Published: 7/13/2025

Updated: 7/13/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2025-6491

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:42

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/4/2025

Vulnerability Publication Date: 7/3/2025

Reference Information

CVE: CVE-2025-1220, CVE-2025-1735, CVE-2025-6491

FEDORA: 2025-2c344545bf

IAVA: 2025-A-0497