CVE-2019-3570
CRITICAL
Facebook HipHop Virtual Machine < 3.30.5 - Out-of-Bounds Write
A call to the scrypt_enc() function in HHVM can lead to heap corruption when specifically crafted parameters (N, r and p) are supplied. This happens if the parameters are attacker-controllable, for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would attempt to verify it by re-running scrypt_enc() with the same parameters. This could result in information disclosure, memory being overwritten, or crashes of the HHVM process. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.
References (2)
Patch, Third Party Advisory x_refsource_confirm
https://github.com/facebook/hhvm/commit/cc331e4349e91706a673e2a09f1f2ea5bbb33815
Release Notes, Vendor Advisory x_refsource_confirm
https://hhvm.com/blog/2019/06/10/hhvm-4.9.0.html
Scores
CVSS v3
9.8
EPSS
0.0061
EPSS Percentile
69.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-122
CWE-787
Status
published
Products (9)
facebook/hiphop_virtual_machine
4.1.0
facebook/hiphop_virtual_machine
4.2.0
facebook/hiphop_virtual_machine
4.3.0
facebook/hiphop_virtual_machine
4.4.0
facebook/hiphop_virtual_machine
4.5.0
facebook/hiphop_virtual_machine
4.6.0
facebook/hiphop_virtual_machine
4.7.0
facebook/hiphop_virtual_machine
4.8.0
facebook/hiphop_virtual_machine
< 3.30.5
Published
Jul 18, 2019
Tracked Since
Feb 18, 2026