CVE-2015-6835 in Ubuntu

CVE-2015-6835

Priority

Description

The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and
5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which
allow remote attackers to execute arbitrary code or cause a denial of
service (use-after-free) via crafted session content.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
http://www.openwall.com/lists/oss-security/2015/09/07/5
https://usn.ubuntu.com/usn/usn-2758-1

Bugs

https://bugs.php.net/bug.php?id=70219

Assigned-to

mdeslaur

Notes

Package

Source: php5 (LP Ubuntu Debian)

Upstream:	released (5.5.29,5.6.13)
Ubuntu 14.04 ESM (Trusty Tahr):	released (5.5.9+dfsg-1ubuntu4.13)

Patches:

Upstream:	http://git.php.net/?p=php-src.git;a=commit;h=df4bf28f9f104ca3ef78ed94b497859f15b004e5
Upstream:	http://git.php.net/?p=php-src.git;a=commit;h=fc8eff897bd7fe3fed7f6867d2d6a86117a5278d
Upstream:	http://git.php.net/?p=php-src.git;a=commit;h=9c35f87e9aac29fb8f574f99edc09b344380aef0
Upstream:	http://git.php.net/?p=php-src.git;a=commit;h=6290344d96bc31a5c4f682ac5d94d9f30c01d4df
Upstream:	http://git.php.net/?p=php-src.git;a=commit;h=37c85ebb9469b4411bb5d144e6d9ec525ea552a1

More Information

Updated: 2019-12-05 18:42:47 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)