CVE-2022-31626

Published: 13 June 2022

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	impish	Does not exist
	jammy	Does not exist
	trusty	Needs triage
	upstream	Needs triage
	xenial	Does not exist
php7.0 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	impish	Does not exist
	jammy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Released (7.0.33-0ubuntu0.16.04.16+esm4)
php7.2 Launchpad, Ubuntu, Debian	bionic	Released (7.2.24-0ubuntu0.18.04.12)
	focal	Does not exist
	impish	Does not exist
	jammy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
php7.4 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Released (7.4.3-4ubuntu2.12)
	impish	Does not exist
	jammy	Does not exist
	trusty	Does not exist
	upstream	Released (7.4.30)
	xenial	Does not exist
	Patches: upstream: https://github.com/php/php-src/commit/58006537fc5f133ae8549efe5118cde418b3ace9
php8.0 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	impish	Released (8.0.8-1ubuntu0.4)
	jammy	Does not exist
	trusty	Does not exist
	upstream	Released (8.0.20)
	xenial	Does not exist
php8.1 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	impish	Does not exist
	jammy	Released (8.1.2-1ubuntu2.1)
	trusty	Does not exist
	upstream	Released (8.1.7)
	xenial	Does not exist

References

Bugs

https://bugs.php.net/bug.php?id=81719

Security

CVE-2022-31626

Medium

Status

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading