CVE-2017-11143

NameCVE-2017-11143
DescriptionIn PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1034-1
NVD severitymedium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php5 (PTS)wheezy5.4.45-0+deb7u2vulnerable
wheezy (security)5.4.45-0+deb7u9fixed
jessie (security), jessie5.6.30+dfsg-0+deb8u1vulnerable
php7.0 (PTS)stretch7.0.19-1fixed
buster, sid7.0.20-2fixed
php7.1 (PTS)buster, sid7.1.6-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php5source(unstable)(unfixed)medium
php5sourcewheezy5.4.45-0+deb7u9mediumDLA-1034-1
php7.0source(unstable)(not affected)
php7.1source(unstable)(not affected)

Notes

- php7.1 <not-affected> (Only affected 5.6)
- php7.0 <not-affected> (Only affected 5.6)
PHP Bug: https://bugs.php.net/bug.php?id=74145
http://git.php.net/?p=php-src.git;a=commitdiff;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7
http://git.php.net/?p=php-src.git;a=commitdiff;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9
http://openwall.com/lists/oss-security/2017/07/10/6

Search for package or bug name: Reporting problems