vulnerability

Amazon Linux 2023: CVE-2023-3824: Important priority package update for php8.2 (Multiple Advisories)

Severity: 8
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:C)
Published: Aug 3, 2023
Added: Feb 17, 2025
Modified: Jul 8, 2025

Description

In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading a phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, potentially leading to memory corruption or RCE.
A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read() function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing the attacker to corrupt memory or cause a denial of service condition.

Solutions

amazon-linux-2023-upgrade-php8-1
amazon-linux-2023-upgrade-php8-1-bcmath
amazon-linux-2023-upgrade-php8-1-bcmath-debuginfo
amazon-linux-2023-upgrade-php8-1-cli
amazon-linux-2023-upgrade-php8-1-cli-debuginfo
amazon-linux-2023-upgrade-php8-1-common
amazon-linux-2023-upgrade-php8-1-common-debuginfo
amazon-linux-2023-upgrade-php8-1-dba
amazon-linux-2023-upgrade-php8-1-dba-debuginfo
amazon-linux-2023-upgrade-php8-1-dbg
amazon-linux-2023-upgrade-php8-1-dbg-debuginfo
amazon-linux-2023-upgrade-php8-1-debuginfo
amazon-linux-2023-upgrade-php8-1-debugsource
amazon-linux-2023-upgrade-php8-1-devel
amazon-linux-2023-upgrade-php8-1-embedded
amazon-linux-2023-upgrade-php8-1-embedded-debuginfo
amazon-linux-2023-upgrade-php8-1-enchant
amazon-linux-2023-upgrade-php8-1-enchant-debuginfo
amazon-linux-2023-upgrade-php8-1-ffi
amazon-linux-2023-upgrade-php8-1-ffi-debuginfo
amazon-linux-2023-upgrade-php8-1-fpm
amazon-linux-2023-upgrade-php8-1-fpm-debuginfo
amazon-linux-2023-upgrade-php8-1-gd
amazon-linux-2023-upgrade-php8-1-gd-debuginfo
amazon-linux-2023-upgrade-php8-1-gmp
amazon-linux-2023-upgrade-php8-1-gmp-debuginfo
amazon-linux-2023-upgrade-php8-1-intl
amazon-linux-2023-upgrade-php8-1-intl-debuginfo
amazon-linux-2023-upgrade-php8-1-ldap
amazon-linux-2023-upgrade-php8-1-ldap-debuginfo
amazon-linux-2023-upgrade-php8-1-mbstring
amazon-linux-2023-upgrade-php8-1-mbstring-debuginfo
amazon-linux-2023-upgrade-php8-1-mysqlnd
amazon-linux-2023-upgrade-php8-1-mysqlnd-debuginfo
amazon-linux-2023-upgrade-php8-1-odbc
amazon-linux-2023-upgrade-php8-1-odbc-debuginfo
amazon-linux-2023-upgrade-php8-1-opcache
amazon-linux-2023-upgrade-php8-1-opcache-debuginfo
amazon-linux-2023-upgrade-php8-1-pdo
amazon-linux-2023-upgrade-php8-1-pdo-debuginfo
amazon-linux-2023-upgrade-php8-1-pgsql
amazon-linux-2023-upgrade-php8-1-pgsql-debuginfo
amazon-linux-2023-upgrade-php8-1-process
amazon-linux-2023-upgrade-php8-1-process-debuginfo
amazon-linux-2023-upgrade-php8-1-pspell
amazon-linux-2023-upgrade-php8-1-pspell-debuginfo
amazon-linux-2023-upgrade-php8-1-snmp
amazon-linux-2023-upgrade-php8-1-snmp-debuginfo
amazon-linux-2023-upgrade-php8-1-soap
amazon-linux-2023-upgrade-php8-1-soap-debuginfo
amazon-linux-2023-upgrade-php8-1-tidy
amazon-linux-2023-upgrade-php8-1-tidy-debuginfo
amazon-linux-2023-upgrade-php8-1-xml
amazon-linux-2023-upgrade-php8-1-xml-debuginfo
amazon-linux-2023-upgrade-php8-2
amazon-linux-2023-upgrade-php8-2-bcmath
amazon-linux-2023-upgrade-php8-2-bcmath-debuginfo
amazon-linux-2023-upgrade-php8-2-cli
amazon-linux-2023-upgrade-php8-2-cli-debuginfo
amazon-linux-2023-upgrade-php8-2-common
amazon-linux-2023-upgrade-php8-2-common-debuginfo
amazon-linux-2023-upgrade-php8-2-dba
amazon-linux-2023-upgrade-php8-2-dba-debuginfo
amazon-linux-2023-upgrade-php8-2-dbg
amazon-linux-2023-upgrade-php8-2-dbg-debuginfo
amazon-linux-2023-upgrade-php8-2-debuginfo
amazon-linux-2023-upgrade-php8-2-debugsource
amazon-linux-2023-upgrade-php8-2-devel
amazon-linux-2023-upgrade-php8-2-embedded
amazon-linux-2023-upgrade-php8-2-embedded-debuginfo
amazon-linux-2023-upgrade-php8-2-enchant
amazon-linux-2023-upgrade-php8-2-enchant-debuginfo
amazon-linux-2023-upgrade-php8-2-ffi
amazon-linux-2023-upgrade-php8-2-ffi-debuginfo
amazon-linux-2023-upgrade-php8-2-fpm
amazon-linux-2023-upgrade-php8-2-fpm-debuginfo
amazon-linux-2023-upgrade-php8-2-gd
amazon-linux-2023-upgrade-php8-2-gd-debuginfo
amazon-linux-2023-upgrade-php8-2-gmp
amazon-linux-2023-upgrade-php8-2-gmp-debuginfo
amazon-linux-2023-upgrade-php8-2-intl
amazon-linux-2023-upgrade-php8-2-intl-debuginfo
amazon-linux-2023-upgrade-php8-2-ldap
amazon-linux-2023-upgrade-php8-2-ldap-debuginfo
amazon-linux-2023-upgrade-php8-2-mbstring
amazon-linux-2023-upgrade-php8-2-mbstring-debuginfo
amazon-linux-2023-upgrade-php8-2-mysqlnd
amazon-linux-2023-upgrade-php8-2-mysqlnd-debuginfo
amazon-linux-2023-upgrade-php8-2-odbc
amazon-linux-2023-upgrade-php8-2-odbc-debuginfo
amazon-linux-2023-upgrade-php8-2-opcache
amazon-linux-2023-upgrade-php8-2-opcache-debuginfo
amazon-linux-2023-upgrade-php8-2-pdo
amazon-linux-2023-upgrade-php8-2-pdo-debuginfo
amazon-linux-2023-upgrade-php8-2-pgsql
amazon-linux-2023-upgrade-php8-2-pgsql-debuginfo
amazon-linux-2023-upgrade-php8-2-process
amazon-linux-2023-upgrade-php8-2-process-debuginfo
amazon-linux-2023-upgrade-php8-2-pspell
amazon-linux-2023-upgrade-php8-2-pspell-debuginfo
amazon-linux-2023-upgrade-php8-2-snmp
amazon-linux-2023-upgrade-php8-2-snmp-debuginfo
amazon-linux-2023-upgrade-php8-2-soap
amazon-linux-2023-upgrade-php8-2-soap-debuginfo
amazon-linux-2023-upgrade-php8-2-tidy
amazon-linux-2023-upgrade-php8-2-tidy-debuginfo
amazon-linux-2023-upgrade-php8-2-xml
amazon-linux-2023-upgrade-php8-2-xml-debuginfo