openSUSE Security Update : php7 (openSUSE-2017-304)

critical Nessus Plugin ID 97563

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for php7 fixes the following security issues :

- CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. (bsc#1019568)

- CVE-2017-5340: Zend/zend_hash.c in PHP mishandled certain cases that require large array allocations, which allowed remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. (bsc#1019570)

- CVE-2016-7479: In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may have lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. (bsc#1019547)

- CVE-2016-7478: Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. (bsc#1019550)

- CVE-2016-10159: Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.
(bsc#1022255)

- CVE-2016-10160: Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.
(bsc#1022257)

- CVE-2016-10161: The object_common1 function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call.
(bsc#1022260)

- CVE-2016-10162: The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7 allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. (bsc#1022262)

- CVE-2016-10166: A potential unsigned underflow in gd interpolation functions could lead to memory corruption in the PHP gd module (bsc#1022263)

- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx() could lead to php out of memory even on small files. (bsc#1022264)

- CVE-2016-10168: A signed integer overflow in the gd module could lead to memory corruption (bsc#1022265)

- CVE-2016-9138: PHP mishandled property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. (bsc#1008026)

This update was imported from the SUSE:SLE-12:Update update project.

Solution

Update the affected php7 packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1022263

https://bugzilla.opensuse.org/show_bug.cgi?id=1022264

https://bugzilla.opensuse.org/show_bug.cgi?id=1022265

https://bugzilla.opensuse.org/show_bug.cgi?id=1008026

https://bugzilla.opensuse.org/show_bug.cgi?id=1019547

https://bugzilla.opensuse.org/show_bug.cgi?id=1019550

https://bugzilla.opensuse.org/show_bug.cgi?id=1019568

https://bugzilla.opensuse.org/show_bug.cgi?id=1019570

https://bugzilla.opensuse.org/show_bug.cgi?id=1022219

https://bugzilla.opensuse.org/show_bug.cgi?id=1022255

https://bugzilla.opensuse.org/show_bug.cgi?id=1022257

https://bugzilla.opensuse.org/show_bug.cgi?id=1022260

https://bugzilla.opensuse.org/show_bug.cgi?id=1022262

Plugin Details

Severity: Critical

ID: 97563

File Name: openSUSE-2017-304.nasl

Version: 3.3

Type: local

Agent: unix

Published: 3/7/2017

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:2.3:o:novell:opensuse:42.2:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:apache2-mod_php7:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:apache2-mod_php7-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-bcmath:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-bcmath-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-bz2:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-bz2-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-calendar:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-calendar-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ctype:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ctype-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-curl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-curl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-dba:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-dba-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-dom:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-dom-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-enchant:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-enchant-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-exif:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-exif-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fastcgi:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fastcgi-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fileinfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fileinfo-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-firebird:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-firebird-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fpm:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-fpm-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ftp:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ftp-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gd:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gd-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gettext:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gettext-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gmp:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-gmp-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-iconv:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-iconv-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-imap:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-imap-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-intl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-intl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-json:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-json-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ldap:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-ldap-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mbstring:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mbstring-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mcrypt:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mcrypt-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mysql:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-mysql-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-odbc:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-odbc-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-opcache:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-opcache-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-openssl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-openssl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pcntl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pcntl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pdo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pdo-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pear:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pear-archive_tar:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pgsql:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pgsql-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-phar:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-phar-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-posix:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-posix-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pspell:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-pspell-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-readline:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-readline-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-shmop:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-shmop-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-snmp:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-snmp-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-soap:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-soap-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sockets:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sockets-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sqlite:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sqlite-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvmsg:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvmsg-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvsem:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvsem-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvshm:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-sysvshm-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-tidy:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-tidy-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-tokenizer:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-tokenizer-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-wddx:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-wddx-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlreader:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlreader-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlrpc:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlrpc-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlwriter:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xmlwriter-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xsl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-xsl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-zip:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-zip-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-zlib:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:php7-zlib-debuginfo:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 3/2/2017

Reference Information

CVE: CVE-2015-8876, CVE-2016-10166, CVE-2016-10167, CVE-2016-10168, CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-7478, CVE-2016-10162, CVE-2016-7479, CVE-2016-7480, CVE-2016-9138, CVE-2017-5340