Your submission was sent successfully! Close

CVE-2017-7189

Published: 10 July 2019

main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This behavior has a security risk if the explicitly provided port number (i.e., 443 in this example) is hardcoded into an application as a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this example) is obtained from untrusted input.

Notes

AuthorNote
mdeslaur
the commit for this was later reverted as it introduced a
regression. As of 2020-06-23, there is no upstream fix.
rodrigo-zaiden
As of 2022-02-04, there is still no upstream fix.
Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Ignored
(end of ESM support, was deferred)
trusty Deferred

upstream Needs triage

xenial Does not exist

php7.0
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Deferred

php7.2
Launchpad, Ubuntu, Debian
bionic Deferred

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

php7.3
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Ignored
(reached end-of-life)
focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

Patches:
upstream: https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a
upstream: https://github.com/php/php-src/commit/cda7dcf4cacef3346f9dc2a4dc947e6a74769259
upstream: https://github.com/php/php-src/commit/bf3e2dce7b54988d82f16ee3564c14f1b5cd936b
upstream: https://github.com/php/php-src/commit/09ef61e3ca33d8f91b188cd0ad2512987671962b
php7.4
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Deferred

impish Does not exist

jammy Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

php8.0
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

impish Ignored
(reached end-of-life)
jammy Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

php8.1
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

impish Does not exist

jammy Deferred

trusty Does not exist

upstream Needs triage

xenial Does not exist