Home

CVE-2021-21703

Description

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

Risk Information

Base Score
7.0
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.133

Associated Vulnerability

VulnerabilityOS Platform
php7.3 security update(DSA-4993-1) php7.3_7.3.31-1~deb10u1_all.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.2-fpm_7.2.24-0ubuntu0.18.04.11_i386.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.2-fpm_7.2.24-0ubuntu0.18.04.11_amd64.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.4-fpm_7.4.3-4ubuntu2.10_i386.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.4-fpm_7.4.3-4ubuntu2.10_amd64.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.4-fpm_7.4.16-1ubuntu2.3_i386.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php7.4-fpm_7.4.16-1ubuntu2.3_amd64.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php8.0-fpm_8.0.8-1ubuntu0.3_i386.debLinux
HTML-embedded scripting language interpreter (USN-5125-1) php8.0-fpm_8.0.8-1ubuntu0.3_amd64.debLinux
(RHSA-2022:1935) php:7.4 security update apcu-panel-5.1.18-1.module+el8.3.0+6678+b09f589e.noarch.rpmLinux
(RHSA-2022:1935) php:7.4 security update libzip-debugsource-1.6.1-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update libzip-devel-1.6.1-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update libzip-tools-1.6.1-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-bcmath-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-cli-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-common-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-dba-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-dbg-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-debugsource-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-devel-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-embedded-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-enchant-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-ffi-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-fpm-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-gd-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-gmp-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-intl-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-ldap-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-mbstring-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-mysqlnd-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-odbc-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-opcache-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pdo-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-apcu-debugsource-5.1.18-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-apcu-devel-5.1.18-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-rrd-2.0.1-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-rrd-debugsource-2.0.1-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-xdebug-2.9.5-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-xdebug-debugsource-2.9.5-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pecl-zip-debugsource-1.18.2-1.module+el8.3.0+6678+b09f589e.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-pgsql-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-process-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-snmp-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-soap-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-xml-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
(RHSA-2022:1935) php:7.4 security update php-xmlrpc-7.4.19-2.module+el8.6.0+13953+0a59ce9f.x86_64.rpmLinux
Apcu-panel update (ELSA-2023-2903) apcu-panel-5.1.18-1.module+el8.3.0+7685+72d70b58.noarch.rpmLinux
Libzip update (ELSA-2023-2903) libzip-1.6.1-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Libzip-devel update (ELSA-2023-2903) libzip-devel-1.6.1-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Libzip-tools update (ELSA-2023-2903) libzip-tools-1.6.1-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php update (ELSA-2023-2903) php-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-bcmath update (ELSA-2023-2903) php-bcmath-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-cli update (ELSA-2023-2903) php-cli-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-common update (ELSA-2023-2903) php-common-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-dba update (ELSA-2023-2903) php-dba-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-dbg update (ELSA-2023-2903) php-dbg-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-devel update (ELSA-2023-2903) php-devel-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-embedded update (ELSA-2023-2903) php-embedded-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-enchant update (ELSA-2023-2903) php-enchant-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-ffi update (ELSA-2023-2903) php-ffi-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-fpm update (ELSA-2023-2903) php-fpm-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-gd update (ELSA-2023-2903) php-gd-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-gmp update (ELSA-2023-2903) php-gmp-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-intl update (ELSA-2023-2903) php-intl-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-json update (ELSA-2023-2903) php-json-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-ldap update (ELSA-2023-2903) php-ldap-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-mbstring update (ELSA-2023-2903) php-mbstring-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-mysqlnd update (ELSA-2023-2903) php-mysqlnd-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-odbc update (ELSA-2023-2903) php-odbc-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-opcache update (ELSA-2023-2903) php-opcache-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-pdo update (ELSA-2023-2903) php-pdo-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-pear update (ELSA-2023-2903) php-pear-1.10.13-1.module+el8.7.0+20800+8e29b882.noarch.rpmLinux
Php-pecl-apcu update (ELSA-2023-2903) php-pecl-apcu-5.1.18-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php-pecl-apcu-devel update (ELSA-2023-2903) php-pecl-apcu-devel-5.1.18-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php-pecl-rrd update (ELSA-2023-2903) php-pecl-rrd-2.0.1-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php-pecl-xdebug update (ELSA-2023-2903) php-pecl-xdebug-2.9.5-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php-pecl-zip update (ELSA-2023-2903) php-pecl-zip-1.18.2-1.module+el8.3.0+7685+72d70b58.x86_64.rpmLinux
Php-pgsql update (ELSA-2023-2903) php-pgsql-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-process update (ELSA-2023-2903) php-process-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-snmp update (ELSA-2023-2903) php-snmp-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-soap update (ELSA-2023-2903) php-soap-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-xml update (ELSA-2023-2903) php-xml-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Php-xmlrpc update (ELSA-2023-2903) php-xmlrpc-7.4.33-1.module+el8.8.0+20974+ef7eddfa.x86_64.rpmLinux
Out-of-bounds Write Vulnerability (CVE-2021-21703)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234