CVE-2024-2757
Published: 29 April 2024
In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.
Notes
Author | Note |
---|---|
leosilva | version in noble is not affected see (LP: #2061147) only affects 8.3 |
Priority
Status
Package | Release | Status |
---|---|---|
php5 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Not vulnerable
|
|
upstream |
Not vulnerable
|
|
php7.0 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
php7.2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Not vulnerable
|
|
php7.4 Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Not vulnerable
|
|
php8.1 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Not vulnerable
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Not vulnerable
|
|
php8.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Not vulnerable
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
php8.3 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Released
(8.3.6-0maysync1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(8.3.6)
|
|
xenial |
Does not exist
|
|
Patches: upstream: https://github.com/php/php-src/commit/3394efc63e52a017995f92d8da4ef28224247bb3 |