CVE-2015-4644: Null Pointer Dereference
First published: Mon May 16 2016(Updated: )
The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| PHP | <=5.4.41 | |
| PHP | =5.5.0 | |
| PHP | =5.5.1 | |
| PHP | =5.5.2 | |
| PHP | =5.5.3 | |
| PHP | =5.5.4 | |
| PHP | =5.5.5 | |
| PHP | =5.5.6 | |
| PHP | =5.5.7 | |
| PHP | =5.5.8 | |
| PHP | =5.5.9 | |
| PHP | =5.5.10 | |
| PHP | =5.5.11 | |
| PHP | =5.5.12 | |
| PHP | =5.5.13 | |
| PHP | =5.5.14 | |
| PHP | =5.5.15 | |
| PHP | =5.5.16 | |
| PHP | =5.5.17 | |
| PHP | =5.5.18 | |
| PHP | =5.5.19 | |
| PHP | =5.5.20 | |
| PHP | =5.5.21 | |
| PHP | =5.5.22 | |
| PHP | =5.5.23 | |
| PHP | =5.5.24 | |
| PHP | =5.5.25 | |
| PHP | =5.6.0 | |
| PHP | =5.6.1 | |
| PHP | =5.6.2 | |
| PHP | =5.6.3 | |
| PHP | =5.6.4 | |
| PHP | =5.6.5 | |
| PHP | =5.6.6 | |
| PHP | =5.6.7 | |
| PHP | =5.6.8 | |
| PHP | =5.6.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.php.net/?p=php-src.git;a=commit;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
- http://openwall.com/lists/oss-security/2015/06/18/6
- http://php.net/ChangeLog-5.php
- http://rhn.redhat.com/errata/RHSA-2015-1186.html
- http://rhn.redhat.com/errata/RHSA-2015-1187.html
- http://www.debian.org/security/2015/dsa-3344
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/75292
- http://www.securitytracker.com/id/1032709
- https://bugs.php.net/bug.php?id=69667
- https://security.gentoo.org/glsa/201606-10
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
Frequently Asked Questions
What is the severity of CVE-2015-4644?
CVE-2015-4644 is considered to have a moderate severity level due to the potential for denial of service.
How do I fix CVE-2015-4644?
To fix CVE-2015-4644, upgrade PHP to version 5.4.42, 5.5.26, or 5.6.10 or later.
Which versions of PHP are affected by CVE-2015-4644?
CVE-2015-4644 affects PHP versions prior to 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10.
Does CVE-2015-4644 affect all operating systems?
CVE-2015-4644 specifically affects PHP installations on Red Hat Enterprise Linux 6.0 and 7.0.
What kind of attacks can CVE-2015-4644 enable?
CVE-2015-4644 can enable remote attackers to cause a denial of service through null pointer dereference.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- vendor/php
- canonical/php
- version/php/5.4.41
- version/php/5.5.0
- version/php/5.5.1
- version/php/5.5.2
- version/php/5.5.3
- version/php/5.5.4
- version/php/5.5.5
- version/php/5.5.6
- version/php/5.5.7
- version/php/5.5.8
- version/php/5.5.9
- version/php/5.5.10
- version/php/5.5.11
- version/php/5.5.12
- version/php/5.5.13
- version/php/5.5.14
- version/php/5.5.15
- version/php/5.5.16
- version/php/5.5.17
- version/php/5.5.18
- version/php/5.5.19
- version/php/5.5.20
- version/php/5.5.21
- version/php/5.5.22
- version/php/5.5.23
- version/php/5.5.24
- version/php/5.5.25
- version/php/5.6.0
- version/php/5.6.1
- version/php/5.6.2
- version/php/5.6.3
- version/php/5.6.4
- version/php/5.6.5
- version/php/5.6.6
- version/php/5.6.7
- version/php/5.6.8
- version/php/5.6.9