Vulmon
Amazon Linux 2 Security Advisory: ALASPHP8.0-2023-007
Advisory Release Date: 2023-08-21 21:00 Pacific
Advisory Updated Date: 2023-09-13 19:32 Pacific
Severity:
Medium
Issue Overview:
A flaw was found in PHP. The vulnerability occurs due to the malformed php_filter_float() function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault. (CVE-2021-21708)
Affected Packages:
php
Issue Correction:
Run yum update php to update your system.
New Packages:
aarch64:
php-8.0.16-1.amzn2.aarch64
php-cli-8.0.16-1.amzn2.aarch64
php-dbg-8.0.16-1.amzn2.aarch64
php-fpm-8.0.16-1.amzn2.aarch64
php-common-8.0.16-1.amzn2.aarch64
php-devel-8.0.16-1.amzn2.aarch64
php-opcache-8.0.16-1.amzn2.aarch64
php-ldap-8.0.16-1.amzn2.aarch64
php-pdo-8.0.16-1.amzn2.aarch64
php-mysqlnd-8.0.16-1.amzn2.aarch64
php-pgsql-8.0.16-1.amzn2.aarch64
php-process-8.0.16-1.amzn2.aarch64
php-odbc-8.0.16-1.amzn2.aarch64
php-soap-8.0.16-1.amzn2.aarch64
php-snmp-8.0.16-1.amzn2.aarch64
php-xml-8.0.16-1.amzn2.aarch64
php-mbstring-8.0.16-1.amzn2.aarch64
php-gd-8.0.16-1.amzn2.aarch64
php-bcmath-8.0.16-1.amzn2.aarch64
php-gmp-8.0.16-1.amzn2.aarch64
php-dba-8.0.16-1.amzn2.aarch64
php-embedded-8.0.16-1.amzn2.aarch64
php-pspell-8.0.16-1.amzn2.aarch64
php-intl-8.0.16-1.amzn2.aarch64
php-enchant-8.0.16-1.amzn2.aarch64
php-sodium-8.0.16-1.amzn2.aarch64
php-debuginfo-8.0.16-1.amzn2.aarch64
src:
php-8.0.16-1.amzn2.src
x86_64:
php-8.0.16-1.amzn2.x86_64
php-cli-8.0.16-1.amzn2.x86_64
php-dbg-8.0.16-1.amzn2.x86_64
php-fpm-8.0.16-1.amzn2.x86_64
php-common-8.0.16-1.amzn2.x86_64
php-devel-8.0.16-1.amzn2.x86_64
php-opcache-8.0.16-1.amzn2.x86_64
php-ldap-8.0.16-1.amzn2.x86_64
php-pdo-8.0.16-1.amzn2.x86_64
php-mysqlnd-8.0.16-1.amzn2.x86_64
php-pgsql-8.0.16-1.amzn2.x86_64
php-process-8.0.16-1.amzn2.x86_64
php-odbc-8.0.16-1.amzn2.x86_64
php-soap-8.0.16-1.amzn2.x86_64
php-snmp-8.0.16-1.amzn2.x86_64
php-xml-8.0.16-1.amzn2.x86_64
php-mbstring-8.0.16-1.amzn2.x86_64
php-gd-8.0.16-1.amzn2.x86_64
php-bcmath-8.0.16-1.amzn2.x86_64
php-gmp-8.0.16-1.amzn2.x86_64
php-dba-8.0.16-1.amzn2.x86_64
php-embedded-8.0.16-1.amzn2.x86_64
php-pspell-8.0.16-1.amzn2.x86_64
php-intl-8.0.16-1.amzn2.x86_64
php-enchant-8.0.16-1.amzn2.x86_64
php-sodium-8.0.16-1.amzn2.x86_64
php-debuginfo-8.0.16-1.amzn2.x86_64