SB2024050228 - Ubuntu update for php7.4

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2022-4900)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the php_cli_server_startup_workers() function in sapi/cli/php_cli_server.c when processing PHP_CLI_SERVER_WORKERS environment variable. A local user can trigger memory corruption and execute arbitrary code on the target system.

2) Security features bypass (CVE-ID: CVE-2024-2756)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

Note, the vulnerability exists due to incomplete fix for #VU67756 (CVE-2022-31629).

3) Improper Authentication (CVE-ID: CVE-2024-3096)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in within the password_verify() function, which can erroneously return true. A remote attacker can bypass implemented authentication based on the vulnerable function and gain unauthorized access to the web application.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-6757-2