CVE-2018-10545

MEDIUM

PHP < 5.6.35, 7.0.x < 7.0.29, 7.1.x < 7.1.16, 7.2.x < 7.2.4 - Sensitive Info Exposure via FPM

Title source: llm
STIX 2.1

Description

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.

References (13)

Core 13
Core References
Issue Tracking, Patch, Vendor Advisory x_refsource_confirm
https://bugs.php.net/bug.php?id=75605
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3646-2/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104022
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2018/dsa-4240
Third Party Advisory x_refsource_confirm
https://www.tenable.com/security/tns-2018-12
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3646-1/
Patch, Vendor Advisory x_refsource_confirm
http://php.net/ChangeLog-5.php
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html
Patch, Vendor Advisory x_refsource_confirm
http://php.net/ChangeLog-7.php
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201812-01
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20180607-0003/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2519

Scores

CVSS v3 4.7
EPSS 0.0004
EPSS Percentile 14.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (10)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.10
canonical/ubuntu_linux 18.04
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
netapp/storage_automation_store
php/php < 5.6.35
Published Apr 29, 2018
Tracked Since Feb 18, 2026