CVE-2018-10545

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-10545
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10545.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-10545
Downstream
Related
Published
2018-04-29T21:29:00.277Z
Modified
2026-05-30T12:21:40.164274Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "12.04"
                },
                {
                    "last_affected": "14.04"
                },
                {
                    "last_affected": "16.04"
                },
                {
                    "last_affected": "17.10"
                },
                {
                    "last_affected": "18.04"
                }
            ],
            "cpes": [
                "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
            ],
            "vendor_product": "canonical:ubuntu_linux",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                },
                {
                    "last_affected": "8.0"
                },
                {
                    "last_affected": "9.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "debian:debian_linux",
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
404e8465429616e6cf04f5c4ad65ebef759c525b
Introduced
60fffd296abce5fc071f3c173c25a2696cf683c6
Fixed
b4c9234d03f0a2aab5b35dee0df08530626210d7
Introduced
0221e9f827632942225586687a33cfd554860d5e
Fixed
f52597c960e2e3f46fb96bf1d11b7b03ed338f84
Introduced
8148cbb78841c8ec0759c0836e7f35dec799d300
Fixed
e474a0439a9e89d98c2728ed4a1c9d029c107682
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.6.35"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.29"
        },
        {
            "introduced": "7.1.0"
        },
        {
            "fixed": "7.1.16"
        },
        {
            "introduced": "7.2.0"
        },
        {
            "fixed": "7.2.4"
        }
    ],
    "cpe": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE"
}

Affected versions

Other
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
php-7.*
php-7.1.16RC1

Database specific

vanir_signatures 
[
    {
        "digest": {
            "line_hashes": [
                "256365884870753358372710319244770316957",
                "230611153719690024403978117961271284794",
                "102921983361664405159817029964854163626",
                "314773791019620477757473304779551723829"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2018-10545-0ba347cc",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_unix.c"
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    },
    {
        "digest": {
            "function_hash": "287442094763772067342266346183851523533",
            "length": 3862.0
        },
        "id": "CVE-2018-10545-3cbcde99",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_unix.c",
            "function": "fpm_unix_init_child"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    },
    {
        "digest": {
            "function_hash": "277853390626986811607452198894226224441",
            "length": 5732.0
        },
        "id": "CVE-2018-10545-4f93f49d",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_conf.c",
            "function": "fpm_conf_dump"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    },
    {
        "digest": {
            "line_hashes": [
                "256511797819681255547969006441959424448",
                "170070270104641774874597543346518647493",
                "121743950867872505806597948820614470705",
                "242090551949141085346613766795016436438",
                "295134697379924912630054271846860817862",
                "260598572435739408847505379837062082534",
                "216713436482603700555238819130138446343",
                "304870878083177849104934347341857056093",
                "108754229275187834165973092560493734346",
                "173508882186227559114645650907357673409",
                "42193457222507860198891650040648699561",
                "256217340988184821380731613952953168297"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2018-10545-acf8bc68",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_conf.c"
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    },
    {
        "digest": {
            "line_hashes": [
                "40588419778845794792413482029445539851",
                "164442732053218752669806283308602697138",
                "22712446989311435435055743798677487384",
                "206944676588201666044630381716353874484"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2018-10545-b65a498f",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_conf.h"
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    },
    {
        "digest": {
            "function_hash": "267983799647513806905976755268945309230",
            "length": 671.0
        },
        "id": "CVE-2018-10545-ff51c531",
        "signature_version": "v1",
        "target": {
            "file": "sapi/fpm/fpm/fpm_conf.c",
            "function": "fpm_worker_pool_config_alloc"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10545.json"
vanir_signatures_modified 
"2026-05-30T12:21:40Z"