CVE-2021-21708
Description
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.267
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| php7.4 security update(DSA-5082-1) php7.4_7.4.28-1+deb11u1_all.deb | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-bcmath-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-cli-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-common-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-dba-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-dbg-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-debugsource-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-devel-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-embedded-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-enchant-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-ffi-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-fpm-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-gd-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-gmp-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-intl-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-ldap-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-mbstring-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-mysqlnd-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-odbc-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-opcache-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-pdo-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-pgsql-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-process-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-snmp-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-soap-8.0.20-3.el9.x86_64.rpm | Linux |
| (RHSA-2022:8197) php security, bug fix, and enhancement update php-xml-8.0.20-3.el9.x86_64.rpm | Linux |
| php:7.4 security, bug fix, and enhancement update (RLSA-2022:7628) php-json-7.4.30-1.module+el8.7.0+1067+0a7071cc.x86_64.rpm | Linux |
| php:7.4 security, bug fix, and enhancement update (RLSA-2022:7628) php-pear-1.10.13-1.module+el8.7.0+1067+0a7071cc.noarch.rpm | Linux |
| php:7.4 security, bug fix, and enhancement update (RLSA-2022:7628) php-xmlrpc-7.4.30-1.module+el8.7.0+1067+0a7071cc.x86_64.rpm | Linux |
| php:7.4 security, bug fix, and enhancement update (RLSA-2022:7628) php-pecl-xdebug-2.9.5-1.module+el8.4.0+415+e936cba3.x86_64.rpm | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-cgi_7.4.3-4ubuntu2.9_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-cgi_7.4.3-4ubuntu2.9_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-cli_7.4.3-4ubuntu2.9_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-cli_7.4.3-4ubuntu2.9_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-fpm_7.4.3-4ubuntu2.9_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php7.4-fpm_7.4.3-4ubuntu2.9_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-cgi_8.0.8-1ubuntu0.2_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-cgi_8.0.8-1ubuntu0.2_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-cli_8.0.8-1ubuntu0.2_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-cli_8.0.8-1ubuntu0.2_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-fpm_8.0.8-1ubuntu0.2_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-5303-1) php8.0-fpm_8.0.8-1ubuntu0.2_amd64.deb | Linux |
| Use After Free Vulnerability (CVE-2021-21708) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234