Integer overflow in the firebird and dblib quoters causing OOB writes

Kurzinfo

Veroeffentlicht: 2024-11-21 18:15 UTC Importiert: 2026-05-14 18:44 UTC Quelle-ID: php_sec uid_hash: d4a26e66a7961c23bbbd69cfb9ddc24189eb35f207fb15df21d98c81601f8cdc

PHP Security (php/php-src GHSA)

Inhalt

Impact

The following code: https://github.com/php/php-src/blob/5070fbf1613015e351bc4629ac7997b26359320b/ext/pdo_firebird/firebird_driver.c#L805-L808

and the following code: https://github.com/php/php-src/blob/c34b37fe0b5c099fcf506c5400552d6bbb95cd79/ext/pdo_dblib/dblib_driver.c#L164-L174

Can cause integer overflow, or can become a value over ZSTR_MAX_LEN causing an overflow, which eventually turns into an OOB write. This is triggerable on 32-bit especially.

Verknuepfte CVEs

CVE-ID	Severity (CVE.org)	CVSS (CVE.org)	EPSS	EPSS-%	Veroeffentlicht (CVE.org)
CVE-2024-11236	-	-	-	-

Quellen-Details

Bezeichnung	Name	Kategorie	Tags	Zielgruppe	Sprache	Feed-URL
PHP Security (php/php-src GHSA)	php_sec	vendor_advisory	php, runtime	-	de	https://github.com/php/php-src/security/advisories

Zurueck zur Eintrags-Liste