CVE-2018-10545
- Source
- https://cve.org/CVERecord?id=CVE-2018-10545
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10545.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-10545
- Downstream
- Related
- Published
- 2018-04-29T21:29:00.277Z
- Modified
- 2026-02-03T06:59:39.257536Z
- Severity
-
- 4.7 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
- References
-
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-7.php
- http://www.securityfocus.com/bid/104022
- https://access.redhat.com/errata/RHSA-2019:2519
- https://bugs.php.net/bug.php?id=75605
- https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html
- https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html
- https://security.gentoo.org/glsa/201812-01
- https://security.netapp.com/advisory/ntap-20180607-0003/
- https://usn.ubuntu.com/3646-1/
- https://usn.ubuntu.com/3646-2/
- https://www.debian.org/security/2018/dsa-4240
- https://www.tenable.com/security/tns-2018-12
- https://bugs.php.net/bug.php?id=75605
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-7.php
- https://bugs.php.net/bug.php?id=75605
- https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html
- https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html
Affected packages
Git / github.com/php/php-src
Affected ranges
- Type
- GIT
- Repo
- https://github.com/php/php-src
- Events
-
FixedIntroducedFixedIntroducedFixedIntroducedFixed
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"target": {
"file": "sapi/fpm/fpm/fpm_unix.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"256365884870753358372710319244770316957",
"230611153719690024403978117961271284794",
"102921983361664405159817029964854163626",
"314773791019620477757473304779551723829"
]
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-0ba347cc",
"signature_version": "v1"
},
{
"signature_type": "Function",
"target": {
"file": "sapi/fpm/fpm/fpm_unix.c",
"function": "fpm_unix_init_child"
},
"deprecated": false,
"digest": {
"length": 3862.0,
"function_hash": "287442094763772067342266346183851523533"
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-3cbcde99",
"signature_version": "v1"
},
{
"signature_type": "Function",
"target": {
"file": "sapi/fpm/fpm/fpm_conf.c",
"function": "fpm_conf_dump"
},
"deprecated": false,
"digest": {
"length": 5732.0,
"function_hash": "277853390626986811607452198894226224441"
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-4f93f49d",
"signature_version": "v1"
},
{
"signature_type": "Line",
"target": {
"file": "sapi/fpm/fpm/fpm_conf.c"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"256511797819681255547969006441959424448",
"170070270104641774874597543346518647493",
"121743950867872505806597948820614470705",
"242090551949141085346613766795016436438",
"295134697379924912630054271846860817862",
"260598572435739408847505379837062082534",
"216713436482603700555238819130138446343",
"304870878083177849104934347341857056093",
"108754229275187834165973092560493734346",
"173508882186227559114645650907357673409",
"42193457222507860198891650040648699561",
"256217340988184821380731613952953168297"
]
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-acf8bc68",
"signature_version": "v1"
},
{
"signature_type": "Line",
"target": {
"file": "sapi/fpm/fpm/fpm_conf.h"
},
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"40588419778845794792413482029445539851",
"164442732053218752669806283308602697138",
"22712446989311435435055743798677487384",
"206944676588201666044630381716353874484"
]
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-b65a498f",
"signature_version": "v1"
},
{
"signature_type": "Function",
"target": {
"file": "sapi/fpm/fpm/fpm_conf.c",
"function": "fpm_worker_pool_config_alloc"
},
"deprecated": false,
"digest": {
"length": 671.0,
"function_hash": "267983799647513806905976755268945309230"
},
"source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84",
"id": "CVE-2018-10545-ff51c531",
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10545.json"