CVE-2023-3247

Publication date 19 June 2023

Last updated 24 July 2024

Ubuntu priority

Cvss 3 Severity Score

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client’s nonce.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
php5	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Ignored end of ESM support, was ignored [fix not applicable]
php7.0	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Fixed 7.0.33-0ubuntu0.16.04.16+esm7 Ubuntu Pro
	14.04 LTS trusty	Not in release
php7.2	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Fixed 7.2.24-0ubuntu0.18.04.17+esm1 Ubuntu Pro
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
php7.4	23.10 mantic	Not in release
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Fixed 7.4.3-4ubuntu2.19
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
php8.1	23.10 mantic	Not in release
	23.04 lunar	Fixed 8.1.12-1ubuntu4.2
	22.10 kinetic	Fixed 8.1.7-1ubuntu3.5
	22.04 LTS jammy	Fixed 8.1.2-1ubuntu2.13
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
php8.2	23.10 mantic	Not affected
	23.04 lunar	Not in release
	22.10 kinetic	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of standard support
	16.04 LTS xenial	Ignored end of standard support
	14.04 LTS trusty	Ignored end of standard support

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Notes

sbeattie

PEAR issues should go against php-pear as of xenial

rodrigo-zaiden

the method php_random_bytes_throw that is being used for nonce generation was added in php7.0 with CSPRNG API, so patching versions older than that is not feasible as it would would likely add other issues.

Severity score breakdown

Parameter	Value
Base score	4.3 · Medium
Attack vector	Network
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	Low
Integrity impact	None
Availability impact	None
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N