USN-2984-1: PHP vulnerabilities

24 May 2016

php5, php7.0 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in PHP.

Software Description

  • php7.0 - HTML-embedded scripting language interpreter
  • php5 - HTML-embedded scripting language interpreter

Details

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)

Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3078)

It was discovered that PHP incorrectly handled invalid indexes in the SplDoublyLinkedList class. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3132)

It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4070)

It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4071)

It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4072)

It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4073)

It was discovered that the PHP phar extension incorrectly handled certain archive files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-4342, CVE-2016-4343)

It was discovered that the PHP bcpowmod() function incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-4537, CVE-2016-4538)

It was discovered that the PHP XML parser incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-4539)

It was discovered that certain PHP grapheme functions incorrectly handled negative offsets. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-4540, CVE-2016-4541)

It was discovered that PHP incorrectly handled certain malformed EXIF tags. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2016-4542, CVE-2016-4543, CVE-2016-4544)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
libapache2-mod-php7.0 - 7.0.4-7ubuntu2.1
php7.0-cgi - 7.0.4-7ubuntu2.1
php7.0-cli - 7.0.4-7ubuntu2.1
php7.0-fpm - 7.0.4-7ubuntu2.1
Ubuntu 15.10
libapache2-mod-php5 - 5.6.11+dfsg-1ubuntu3.4
php5-cgi - 5.6.11+dfsg-1ubuntu3.4
php5-cli - 5.6.11+dfsg-1ubuntu3.4
php5-fpm - 5.6.11+dfsg-1ubuntu3.4
Ubuntu 14.04 LTS
libapache2-mod-php5 - 5.5.9+dfsg-1ubuntu4.17
php5-cgi - 5.5.9+dfsg-1ubuntu4.17
php5-cli - 5.5.9+dfsg-1ubuntu4.17
php5-fpm - 5.5.9+dfsg-1ubuntu4.17
Ubuntu 12.04 LTS
libapache2-mod-php5 - 5.3.10-1ubuntu3.23
php5-cgi - 5.3.10-1ubuntu3.23
php5-cli - 5.3.10-1ubuntu3.23
php5-fpm - 5.3.10-1ubuntu3.23

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References