CVE-2018-12882

Priority
Description
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows
attackers to trigger a use-after-free (in exif_read_from_file) because it
closes a stream that it is not responsible for closing. The vulnerable code
is reachable through the PHP exif_read_data function.
Assigned-to
mdeslaur
Notes
mdeslauronly affects 7.2.x
USN-3702-1 didn't actually fix this issue, the patch wasn't
included in 7.2.7. Another security update will be published
with the patch included.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (5.5.9+dfsg-1ubuntu4.25)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (7.0.30-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (7.2.7-0ubuntu0.18.04.2)
Patches:
Upstream:http://git.php.net/?p=php-src.git;a=commit;h=3fdde65617e9f954e2c964768aac8831005497e5
Upstream:http://git.php.net/?p=php-src.git;a=commit;h=66badcdc0cafe87ca7f962da7ce18db6c6644e4c
More Information

Updated: 2020-09-10 05:49:25 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)