USN-4375-1: PHP vulnerability

27 May 2020

PHP could be made to crash if it received a specially crafted file.

Releases

Packages

  • php5 - HTML-embedded scripting language interpreter
  • php7.0 - HTML-embedded scripting language interpreter
  • php7.2 - HTML-embedded scripting language interpreter
  • php7.3 - server-side, HTML-embedded scripting language (metapackage)
  • php7.4 - server-side, HTML-embedded scripting language (metapackage)

Details

It was discovered that PHP incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.

References