CVE-2019-11043 — HIGH (8.7)

Q: How severe is CVE-2019-11043?

CVE-2019-11043 has been rated HIGH with a CVSS base score of 8.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-11043?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Canonical Ubuntu Linux, Debian Debian Linux, Fedoraproject Fedora, Tenable Tenable.Sc.

Vulnerability Description

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

CVSS Score

8.7

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Php	Php	>= 7.1.0, < 7.1.33
Canonical	Ubuntu Linux	12.04
Debian	Debian Linux	9.0
Fedoraproject	Fedora	29
Tenable	Tenable.Sc	< 5.19.0
Redhat	Software Collections	1.0
Redhat	Enterprise Linux	8.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Eus	7.7
Redhat	Enterprise Linux Eus Compute Node	7.7
Redhat	Enterprise Linux For Arm 64	8.0_aarch64
Redhat	Enterprise Linux For Arm 64 Eus	8.1_aarch64
Redhat	Enterprise Linux For Ibm Z Systems	6.0_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	7.7_s390x
Redhat	Enterprise Linux For Power Big Endian	6.0_ppc64
Redhat	Enterprise Linux For Power Big Endian Eus	7.7_ppc64
Redhat	Enterprise Linux For Power Little Endian	7.0_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	7.7_ppc64le
Redhat	Enterprise Linux For Scientific Computing	7.0
Redhat	Enterprise Linux Server	6.0

Related Weaknesses (CWE)

CWE-120 CWE-787

References

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.htmlMailing ListThird Party Advisory
http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.htExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2020/Jan/40Mailing ListThird Party Advisory
https://access.redhat.com/errata/RHSA-2019:3286Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3287Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3299Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3300Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3724Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3735Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3736Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0322Third Party Advisory
https://bugs.php.net/bug.php?id=78599ExploitIssue TrackingPatch
https://github.com/neex/phuip-fpizdamExploitThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproMailing ListThird Party Advisory

FAQ

What is CVE-2019-11043?

CVE-2019-11043 is a vulnerability with a CVSS score of 8.7 (HIGH). In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space r...

How severe is CVE-2019-11043?

CVE-2019-11043 has been rated HIGH with a CVSS base score of 8.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-11043?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Canonical Ubuntu Linux, Debian Debian Linux, Fedoraproject Fedora, Tenable Tenable.Sc.