CVE-2022-31628

Description

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVSS Metrics

• v3.1•LOW•Score: 2.3CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 3%

Techniques & Countermeasures

• CWE-674•Uncontrolled Recursion

  The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

• CWE-835•Loop with Unreachable Exit Condition ('Infinite Loop')

  The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Systems

• debian•debian_linux

  10.0 | 11.0

• fedoraproject•fedora

  35 | 36 | 37

• Unknown•PHP

  ≥ 7.4.X, < 7.4.31 | ≥ 8.0.X, < 8.0.24 | ≥ 8.1.X, < 8.1.11

• Unknown•PHP

  < 7.4.31 | ≥ 8.0.0, < 8.0.24 | ≥ 8.1.0, < 8.1.11

References (8)

• https://bugs.php.net/bug.php?id=81726
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
• https://www.debian.org/security/2022/dsa-5277
• https://security.gentoo.org/glsa/202211-03
• https://security.netapp.com/advisory/ntap-20221209-0001/
• https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html