CVE-2022-31626

CVE-2022-31626

Name

CVE-2022-31626

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://bugs.php.net/bug.php?id=81719
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/
Third Party Advisory	https://www.debian.org/security/2022/dsa-5179
Third Party Advisory	https://security.netapp.com/advisory/ntap-20220722-0005/
Third Party Advisory	https://security.gentoo.org/glsa/202209-20
Mailing List	https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/

Type

URI

MISC

https://bugs.php.net/bug.php?id=81719

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/

FEDORA

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/

Third Party Advisory

https://www.debian.org/security/2022/dsa-5179

Third Party Advisory

https://security.netapp.com/advisory/ntap-20220722-0005/

Third Party Advisory

https://security.gentoo.org/glsa/202209-20

Mailing List

https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTZQKRGEYJT5UB4FGG3MOE72SQUHSL4/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T4MMEEZYYAEHPQMZDFN44PHORJWJFZQ/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:php:php::::::::`	php	>= 8.1.0	< 8.1.7
`cpe:2.3:a:php:php::::::::`	php	>= 8.0.0	< 8.0.20
`cpe:2.3:a:php:php::::::::`	php	>= 7.4.0	< 7.4.30

CPE URI

Source package

Min version

Max version

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

php

>= 8.1.0

< 8.1.7

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

php

>= 8.0.0

< 8.0.20

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

php

>= 7.4.0

< 7.4.30

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
php81	edge-community	8.1.6-r2	Andy Postnikov <apostnikov@gmail.com>	fixed
php81	3.19-community	8.1.6-r2	None	fixed
php81	3.18-community	8.1.6-r2	None	fixed
php81	3.17-community	8.1.6-r2	None	fixed
php8	edge-community	8.0.19-r2	Andy Postnikov <apostnikov@gmail.com>	fixed

Source package

Branch

Version

Maintainer

Status

php81

edge-community

8.1.6-r2

Andy Postnikov <apostnikov@gmail.com>

fixed

php81

3.19-community