CVE-2022-4900: Potential buffer overflow in php_cli_server_startup_workers
First published: Mon Mar 20 2023(Updated: )
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| PHP PHP | ||
| Redhat Software Collections | ||
| All of | ||
| PHP PHP | =8.1.0 | |
| Redhat Linux | =9.0 | |
| All of | ||
| PHP PHP | =8.0.0 | |
| Redhat Linux | =8.0 | |
| All of | ||
| PHP PHP | =7.4.0 | |
| Redhat Linux | =8.0 | |
| All of | ||
| PHP PHP | ||
| Redhat Linux | =6.0 | |
| All of | ||
| PHP PHP | ||
| Redhat Linux | =7.0 | |
| All of | ||
| PHP PHP | ||
| Redhat Linux | =9.0 | |
| redhat/php | <8.0.22 | 8.0.22 |
| ubuntu/php7.4 | <7.4.3-4ubuntu2.21 | 7.4.3-4ubuntu2.21 |
| ubuntu/php8.1 | <8.1.2-1ubuntu2.16 | 8.1.2-1ubuntu2.16 |
| debian/php7.3 | 7.3.31-1~deb10u1 7.3.31-1~deb10u5 | |
| debian/php7.4 | <=7.4.33-1+deb11u4<=7.4.33-1+deb11u5 | |
| debian/php8.2 | 8.2.7-1~deb12u1 8.2.18-1~deb12u1 8.2.12-1 8.2.18-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2022-4900
- https://bugzilla.redhat.com/show_bug.cgi?id=2179880
- https://security.netapp.com/advisory/ntap-20231130-0008/
- https://github.com/php/php-src/issues/8989
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2179881
- https://www.cve.org/CVERecord?id=CVE-2022-4900
- https://ubuntu.com/security/notices/USN-6757-1
- https://nvd.nist.gov/vuln/detail/CVE-2022-4900
- https://launchpad.net/bugs/cve/CVE-2022-4900
- https://security-tracker.debian.org/tracker/CVE-2022-4900
- https://github.com/php/php-src/pull/9000
- https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5
- https://ubuntu.com/security/CVE-2022-4900
- https://github.com/php/php-src/commit/82effb3fc7bcab0efcc343b3e03355f5f2f663c9
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-4900.
What is the severity of CVE-2022-4900?
The severity of CVE-2022-4900 is medium with a CVSS score of 6.2.
How does the vulnerability in PHP occur?
The vulnerability in PHP occurs when the environment variable PHP_CLI_SERVER_WORKERS is set to a large value, leading to a heap buffer overflow.
Which versions of PHP are affected by CVE-2022-4900?
PHP versions up to and excluding 8.0.22 are affected by CVE-2022-4900.
Where can I find more information about CVE-2022-4900?
You can find more information about CVE-2022-4900 at the following references: [https://access.redhat.com/security/cve/CVE-2022-4900](https://access.redhat.com/security/cve/CVE-2022-4900), [https://bugzilla.redhat.com/show_bug.cgi?id=2179880](https://bugzilla.redhat.com/show_bug.cgi?id=2179880), [https://github.com/php/php-src/issues/8989](https://github.com/php/php-src/issues/8989).
- collector/mitre-cve
- collector/nvd-api
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/title
- agent/weakness
- agent/remedy
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/description
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- agent/author
- agent/references
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/event
- agent/softwarecombine
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-4900
- vendor/php
- canonical/php php
- vendor/redhat
- canonical/redhat software collections
- version/php php/8.1.0
- canonical/redhat linux
- version/redhat linux/9.0
- version/php php/8.0.0
- version/redhat linux/8.0
- version/php php/7.4.0
- version/redhat linux/6.0
- version/redhat linux/7.0
- package-manager/ubuntu
- package-manager/debian
- package-manager/redhat