CVE-2016-5769 (retired)

Priority
Description
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP
before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote
attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a crafted
length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic
functions.
Notes
 sarnold> The fix relies upon signed multiplication turning into negative
  numbers. Since this is undefined in C, the fix doesn't feel complete
  or correct to me.
Package
Source: php5 (LP Ubuntu Debian)
Upstream: released (5.6.23)
Ubuntu 14.04 LTS (Trusty Tahr): released (5.5.9+dfsg-1ubuntu4.19)
Ubuntu 16.04 LTS (Xenial Xerus): DNE
Patches:
Upstream: http://git.php.net/?p=php-src.git;a=commit;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0
Package
Upstream: released (7.0.8)
Ubuntu 14.04 LTS (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): released (7.0.8-0ubuntu0.16.04.1)
Patches:
Upstream: http://git.php.net/?p=php-src.git;a=commit;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0

Updated: 2019-03-26 12:22:16 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)