MGASA-2021-0501
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 31 Oct 2021, 11:12
Last modified:16 Apr 2026, 04:24
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 Oct 2021, 11:12
Published
Vulnerability first disclosed
16 Apr 2026, 04:24
Last Modified
Vulnerability information updated
Description
Updated php packages fix security vulnerability Updated php packages fix security vulnerability: In PHP versions 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user (CVE-2021-21703). The php packages have been updated to 8.0.12 that fixes this issue and other bugs.
Affected Systems
- mageia•php
< 8.0.12-1.mga8