osv-2021-736
Vulnerability from osv_ossfuzz
Published
2021-05-08 00:00
Modified
2023-02-24 04:50
Summary
Stack-use-after-return in zend_fiber_suspend_context
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34013

Crash type: Stack-use-after-return READ 4
Crash state:
zend_fiber_suspend_context
zend_fiber_suspend
zim_Fiber_suspend

{
  "affected": [
    {
      "package": {
        "ecosystem": "OSS-Fuzz",
        "name": "php"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "b52106f6b984562113d8d871bed975921c20bf97"
            },
            {
              "fixed": "ed33262dbbc9a39c43c5de75be6aa89c1a3a71a8"
            },
            {
              "introduced": "00d8e26d71139234f803c37d0d8b061868882f83"
            },
            {
              "introduced": "0ba0f15256af6c2753a3b4152d5c48f7836efa49"
            },
            {
              "introduced": "1070d62ee72629fa5477324d8b2f982b88a2528f"
            },
            {
              "introduced": "123db9f56ce6875378bf8e9d05b03f8ab7fdee55"
            },
            {
              "introduced": "17209a7088b0ddd1dd3e7827ed0621fc98cd75b7"
            },
            {
              "introduced": "17e1cd60fc3ec2d753a88dc6073ab0dce8b3a4f1"
            },
            {
              "introduced": "27b29b815e05e6d15ec31df8f3746f54a09c4328"
            },
            {
              "introduced": "2a069e04036a72249e67d882b57a9b3f39b4b1c3"
            },
            {
              "introduced": "301b7f990af5011a5b468b4fb5a6178b8d5ca66e"
            },
            {
              "introduced": "3036e6c4d82de66f4f035d4e9d680d44d1b7ded9"
            },
            {
              "introduced": "33926b19d09d54ee43854eb59a987cd812179a7f"
            },
            {
              "introduced": "37ae1b47188f3a282160d9a71d23767cc7cc585e"
            },
            {
              "introduced": "3b52256bd10f5af65da17bfb1f43a960c74a6f54"
            },
            {
              "introduced": "3b547e6fc4296ee3b1cf5046a4d6e43326b78384"
            },
            {
              "introduced": "43a909e06817412700ceb76e9fec6474996b844f"
            },
            {
              "introduced": "4ada1c79160bc145a1dac04b4f62835c3510500b"
            },
            {
              "introduced": "58eeb00bb33e567cd22cfe3a4c713f2d75768ecb"
            },
            {
              "introduced": "65269c9b934f7a2ca70cc28369d66633b7d2a19f"
            },
            {
              "introduced": "6bccb495839e88fc6d79af0246dcc3955bbd9427"
            },
            {
              "introduced": "6fb3b267969abeb3ec4d447fd157c1b85b960eed"
            },
            {
              "introduced": "714fb75d9b74de30d42d77552fb59c38e44ad1ca"
            },
            {
              "introduced": "7298d563f7ad724045925a7271c6aef8817a17ff"
            },
            {
              "introduced": "736bdf7117b735ae163b9eb4ad621fb166abc8ac"
            },
            {
              "introduced": "745ed40cba52f465582f949eb5a3e4dd575b474f"
            },
            {
              "introduced": "7e2d5315ecb37eb37ad096e4aaa8d31705bf1e17"
            },
            {
              "introduced": "8455d6ade63630b95b6ffb3285728643250109ee"
            },
            {
              "introduced": "8605e1b037f01a2c70603d364d6af4ae3f61b5f3"
            },
            {
              "introduced": "899ad830b6c3bd7d3851349bc814b8f87cc94c71"
            },
            {
              "introduced": "8d89d8027e26d8eea3e137ace01da9c622cb17ac"
            },
            {
              "introduced": "90df9a211aa05a0a015bfb3261effac006f18e82"
            },
            {
              "introduced": "912ddaaf61c93423ede235b7a33c06ff6ed1b1ad"
            },
            {
              "introduced": "9e2cb7317eb4d246f584eb7dcf8734b6b5d5e938"
            },
            {
              "introduced": "a2d8219e2c4040a610eb2dc8934db7da532b3c61"
            },
            {
              "introduced": "a81a2e407ef85509b2f02b3957f005425895aa78"
            },
            {
              "introduced": "ad8c3adc66bd8744516c96a322cdad6a04205e2b"
            },
            {
              "introduced": "b3a855d760d8b66f4b71e0c9d577102be0a8b76b"
            },
            {
              "introduced": "b59c7c730777b7c21ac27ce6917432c8e6b2023e"
            },
            {
              "introduced": "b690e283d0fd782c87f661df40b0f139cb0872c6"
            },
            {
              "introduced": "b7bce464b7f2ecf1fb0013642590e0e8e20b4e38"
            },
            {
              "introduced": "b925f2a7ec615b2c6fbf1fa54d24affa5c187acd"
            },
            {
              "introduced": "c89b7e195ce61545b59c75dfb45a81e56ae7f8eb"
            },
            {
              "introduced": "ce4ba5458348fbfd608128da9f4dac21fe836e9d"
            },
            {
              "introduced": "d0655ecd026801ed117f9dcd6c6e2bb1aab59ebe"
            },
            {
              "introduced": "d2c593017d56b35fb638fb1fb2fe4ea00fbc6698"
            },
            {
              "introduced": "dbae8e906584260eaa4bff15727b6496ac1314eb"
            },
            {
              "introduced": "dca939abe583db575f95829da3ad51a58b2baf03"
            },
            {
              "introduced": "dea576766e2a90f2d5ced391b2ab20f1b1a6a2e9"
            },
            {
              "introduced": "e0b6c4ba12df4d24099aa0ba682d4d8a3110c8a8"
            },
            {
              "introduced": "e428053dac4a5a6a49d244d848582d5022776c51"
            },
            {
              "introduced": "e728aa6cdca4f71a83816f2559c4f53e9506f06d"
            },
            {
              "introduced": "faf497c2ed60abfab0e8a6782bcd1df51fb73ece"
            },
            {
              "fixed": "e5b6f43ec7813392d83ea586b7902e0396a1f792"
            }
          ],
          "repo": "https://github.com/php/php-src.git",
          "type": "GIT"
        }
      ],
      "versions": [
        "NEWS",
        "NEWS-cvs2svn",
        "POST_64BIT_BRANCH_MERGE",
        "POST_AST_MERGE",
        "POST_NATIVE_TLS_MERGE",
        "POST_PHP7_EREG_MYSQL_REMOVALS",
        "POST_PHP7_NSAPI_REMOVAL",
        "POST_PHP7_REMOVALS",
        "POST_PHPNG_MERGE",
        "PRE_64BIT_BRANCH_MERGE",
        "PRE_AST_MERGE",
        "PRE_NATIVE_TLS_MERGE",
        "PRE_PHP7_EREG_MYSQL_REMOVALS",
        "PRE_PHP7_NSAPI_REMOVAL",
        "PRE_PHP7_REMOVALS",
        "PRE_PHPNG_MERGE",
        "php-5.3.11",
        "php-5.3.11RC1",
        "php-5.3.11RC2",
        "php-5.3.12",
        "php-5.3.13",
        "php-5.3.14",
        "php-5.3.14RC1",
        "php-5.3.14RC2",
        "php-5.3.15",
        "php-5.3.15RC1",
        "php-5.3.16",
        "php-5.3.17",
        "php-5.3.18",
        "php-5.3.18RC1",
        "php-5.3.19",
        "php-5.3.19RC1",
        "php-5.3.20",
        "php-5.3.20RC1",
        "php-5.3.21",
        "php-5.3.21RC1",
        "php-5.3.22",
        "php-5.3.22RC1",
        "php-5.3.22RC2",
        "php-5.3.23",
        "php-5.3.23RC1",
        "php-5.3.24",
        "php-5.3.24RC1",
        "php-5.3.25",
        "php-5.3.25RC1",
        "php-5.3.26",
        "php-5.3.26RC1",
        "php-5.3.27",
        "php-5.3.27RC1",
        "php-5.3.28",
        "php-5.3.29",
        "php-5.3.29RC1",
        "php-5.4.1",
        "php-5.4.10",
        "php-5.4.10RC1",
        "php-5.4.11",
        "php-5.4.11RC1",
        "php-5.4.12",
        "php-5.4.12RC1",
        "php-5.4.12RC2",
        "php-5.4.13",
        "php-5.4.13RC1",
        "php-5.4.14",
        "php-5.4.14RC1",
        "php-5.4.15",
        "php-5.4.15RC1",
        "php-5.4.16",
        "php-5.4.16RC1",
        "php-5.4.17",
        "php-5.4.17RC1",
        "php-5.4.18",
        "php-5.4.18RC1",
        "php-5.4.18RC2",
        "php-5.4.1RC1",
        "php-5.4.1RC2",
        "php-5.4.2",
        "php-5.4.20",
        "php-5.4.20RC1",
        "php-5.4.21",
        "php-5.4.21RC1",
        "php-5.4.22",
        "php-5.4.22RC1",
        "php-5.4.23",
        "php-5.4.23RC1",
        "php-5.4.24",
        "php-5.4.24RC1",
        "php-5.4.25",
        "php-5.4.25RC1",
        "php-5.4.26",
        "php-5.4.26RC1",
        "php-5.4.27",
        "php-5.4.27RC1",
        "php-5.4.28",
        "php-5.4.28RC1",
        "php-5.4.29RC1",
        "php-5.4.3",
        "php-5.4.30RC1",
        "php-5.4.31",
        "php-5.4.31RC1",
        "php-5.4.32",
        "php-5.4.32RC1",
        "php-5.4.33",
        "php-5.4.33RC1",
        "php-5.4.34",
        "php-5.4.35",
        "php-5.4.36",
        "php-5.4.37",
        "php-5.4.38",
        "php-5.4.39",
        "php-5.4.4",
        "php-5.4.40",
        "php-5.4.41",
        "php-5.4.42",
        "php-5.4.43",
        "php-5.4.44",
        "php-5.4.45",
        "php-5.4.4RC1",
        "php-5.4.4RC2",
        "php-5.4.5",
        "php-5.4.5RC1",
        "php-5.4.6",
        "php-5.4.6RC1",
        "php-5.4.7",
        "php-5.4.7RC1",
        "php-5.4.8",
        "php-5.4.8RC1",
        "php-5.4.9",
        "php-5.4.9RC1",
        "php-5.5.10",
        "php-5.5.10RC1",
        "php-5.5.11",
        "php-5.5.11RC1",
        "php-5.5.12",
        "php-5.5.12RC1",
        "php-5.5.13",
        "php-5.5.13RC1",
        "php-5.5.14",
        "php-5.5.14RC1",
        "php-5.5.15",
        "php-5.5.15RC1",
        "php-5.5.16",
        "php-5.5.16RC1",
        "php-5.5.17",
        "php-5.5.17RC1",
        "php-5.5.18",
        "php-5.5.18RC1",
        "php-5.5.19",
        "php-5.5.19RC1",
        "php-5.5.2",
        "php-5.5.20",
        "php-5.5.20RC1",
        "php-5.5.21",
        "php-5.5.21RC1",
        "php-5.5.22",
        "php-5.5.22RC1",
        "php-5.5.23",
        "php-5.5.23RC1",
        "php-5.5.24",
        "php-5.5.24RC1",
        "php-5.5.25",
        "php-5.5.25RC1",
        "php-5.5.26",
        "php-5.5.26RC1",
        "php-5.5.27",
        "php-5.5.27RC1",
        "php-5.5.28",
        "php-5.5.29",
        "php-5.5.3",
        "php-5.5.30",
        "php-5.5.31",
        "php-5.5.32",
        "php-5.5.33",
        "php-5.5.34",
        "php-5.5.35",
        "php-5.5.36",
        "php-5.5.37",
        "php-5.5.38",
        "php-5.5.4",
        "php-5.5.7",
        "php-5.5.7RC1",
        "php-5.5.8",
        "php-5.5.8RC1",
        "php-5.5.9",
        "php-5.5.9RC1",
        "php-5.6.0",
        "php-5.6.0RC1",
        "php-5.6.0RC2",
        "php-5.6.0RC3",
        "php-5.6.0RC4",
        "php-5.6.0alpha1",
        "php-5.6.0alpha2",
        "php-5.6.0alpha3",
        "php-5.6.0beta1",
        "php-5.6.0beta2",
        "php-5.6.0beta3",
        "php-5.6.0beta4",
        "php-5.6.1",
        "php-5.6.10",
        "php-5.6.10RC1",
        "php-5.6.11",
        "php-5.6.11RC1",
        "php-5.6.12",
        "php-5.6.12RC1",
        "php-5.6.13",
        "php-5.6.13RC1",
        "php-5.6.14",
        "php-5.6.14RC1",
        "php-5.6.15",
        "php-5.6.15RC1",
        "php-5.6.16",
        "php-5.6.16RC1",
        "php-5.6.17",
        "php-5.6.17RC1",
        "php-5.6.18",
        "php-5.6.18RC1",
        "php-5.6.19",
        "php-5.6.19RC1",
        "php-5.6.1RC1",
        "php-5.6.2",
        "php-5.6.20",
        "php-5.6.20RC1",
        "php-5.6.21",
        "php-5.6.21RC1",
        "php-5.6.22",
        "php-5.6.22RC1",
        "php-5.6.23",
        "php-5.6.23RC1",
        "php-5.6.24",
        "php-5.6.24RC1",
        "php-5.6.25",
        "php-5.6.25RC1",
        "php-5.6.26",
        "php-5.6.26RC1",
        "php-5.6.27",
        "php-5.6.27RC1",
        "php-5.6.28",
        "php-5.6.28RC1",
        "php-5.6.29",
        "php-5.6.29RC1",
        "php-5.6.3",
        "php-5.6.30",
        "php-5.6.30RC1",
        "php-5.6.31",
        "php-5.6.32",
        "php-5.6.33",
        "php-5.6.34",
        "php-5.6.35",
        "php-5.6.36",
        "php-5.6.37",
        "php-5.6.38",
        "php-5.6.39",
        "php-5.6.3RC1",
        "php-5.6.4",
        "php-5.6.40",
        "php-5.6.4RC1",
        "php-5.6.5",
        "php-5.6.5RC1",
        "php-5.6.6",
        "php-5.6.6RC1",
        "php-5.6.7",
        "php-5.6.7RC1",
        "php-5.6.8",
        "php-5.6.8RC1",
        "php-5.6.9",
        "php-5.6.9RC1",
        "php-7.0.0",
        "php-7.0.0RC1",
        "php-7.0.0RC2",
        "php-7.0.0RC3",
        "php-7.0.0RC4",
        "php-7.0.0RC5",
        "php-7.0.0RC6",
        "php-7.0.0RC7",
        "php-7.0.0RC8",
        "php-7.0.0alpha1",
        "php-7.0.0alpha2",
        "php-7.0.0beta1",
        "php-7.0.0beta2",
        "php-7.0.0beta3",
        "php-7.0.1",
        "php-7.0.10",
        "php-7.0.10RC1",
        "php-7.0.11",
        "php-7.0.11RC1",
        "php-7.0.12",
        "php-7.0.12RC1",
        "php-7.0.13",
        "php-7.0.13RC1",
        "php-7.0.14",
        "php-7.0.14RC1",
        "php-7.0.15",
        "php-7.0.15RC1",
        "php-7.0.16",
        "php-7.0.16RC1",
        "php-7.0.17",
        "php-7.0.17RC1",
        "php-7.0.18",
        "php-7.0.18RC1",
        "php-7.0.19",
        "php-7.0.19RC1",
        "php-7.0.1RC1",
        "php-7.0.2",
        "php-7.0.20",
        "php-7.0.20RC1",
        "php-7.0.21",
        "php-7.0.21RC1",
        "php-7.0.22",
        "php-7.0.22RC1",
        "php-7.0.23",
        "php-7.0.23RC1",
        "php-7.0.24",
        "php-7.0.24RC1",
        "php-7.0.25",
        "php-7.0.25RC1",
        "php-7.0.26",
        "php-7.0.26RC1",
        "php-7.0.27",
        "php-7.0.27RC1",
        "php-7.0.28",
        "php-7.0.29",
        "php-7.0.2RC1",
        "php-7.0.3",
        "php-7.0.30",
        "php-7.0.31",
        "php-7.0.32",
        "php-7.0.33",
        "php-7.0.3RC1",
        "php-7.0.4",
        "php-7.0.4RC1",
        "php-7.0.5",
        "php-7.0.5RC1",
        "php-7.0.6",
        "php-7.0.6RC1",
        "php-7.0.7",
        "php-7.0.7RC1",
        "php-7.0.8",
        "php-7.0.8RC1",
        "php-7.0.9",
        "php-7.0.9RC1",
        "php-7.1.0RC1",
        "php-7.1.0RC2",
        "php-7.1.0RC3",
        "php-7.1.0alpha2",
        "php-7.1.0beta1",
        "php-7.1.0beta2",
        "php-7.1.0beta3",
        "php-7.1.1",
        "php-7.1.10",
        "php-7.1.10RC1",
        "php-7.1.11",
        "php-7.1.11RC1",
        "php-7.1.12",
        "php-7.1.12RC1",
        "php-7.1.13RC1",
        "php-7.1.14RC1",
        "php-7.1.15",
        "php-7.1.15RC1",
        "php-7.1.16",
        "php-7.1.16RC1",
        "php-7.1.17",
        "php-7.1.17RC1",
        "php-7.1.18",
        "php-7.1.18RC1",
        "php-7.1.19",
        "php-7.1.19RC1",
        "php-7.1.1RC1",
        "php-7.1.20",
        "php-7.1.21",
        "php-7.1.21RC1",
        "php-7.1.24RC1",
        "php-7.1.27",
        "php-7.1.29",
        "php-7.1.2RC1",
        "php-7.1.3",
        "php-7.1.30",
        "php-7.1.31",
        "php-7.1.32",
        "php-7.1.33",
        "php-7.1.3RC1",
        "php-7.1.4RC1",
        "php-7.1.5",
        "php-7.1.5RC1",
        "php-7.1.6",
        "php-7.1.6RC1",
        "php-7.1.7",
        "php-7.1.7RC1",
        "php-7.1.8RC1",
        "php-7.1.9",
        "php-7.1.9RC1",
        "php-7.2.1",
        "php-7.2.15RC1",
        "php-7.2.30",
        "php-7.3.0",
        "php-7.3.0RC6",
        "php-7.3.1",
        "php-7.3.10",
        "php-7.3.10RC1",
        "php-7.3.11",
        "php-7.3.11RC1",
        "php-7.3.12",
        "php-7.3.12RC1",
        "php-7.3.13",
        "php-7.3.13RC1",
        "php-7.3.14",
        "php-7.3.14RC1",
        "php-7.3.15",
        "php-7.3.15RC1",
        "php-7.3.16",
        "php-7.3.16RC1",
        "php-7.3.17",
        "php-7.3.17RC1",
        "php-7.3.18",
        "php-7.3.18RC1",
        "php-7.3.19",
        "php-7.3.19RC1",
        "php-7.3.1RC1",
        "php-7.3.2",
        "php-7.3.20",
        "php-7.3.20RC1",
        "php-7.3.21",
        "php-7.3.21RC1",
        "php-7.3.22",
        "php-7.3.22RC1",
        "php-7.3.23",
        "php-7.3.23RC1",
        "php-7.3.24",
        "php-7.3.24RC1",
        "php-7.3.25",
        "php-7.3.25RC1",
        "php-7.3.26",
        "php-7.3.26RC1",
        "php-7.3.27",
        "php-7.3.28",
        "php-7.3.29",
        "php-7.3.2RC1",
        "php-7.3.3",
        "php-7.3.30",
        "php-7.3.31",
        "php-7.3.32",
        "php-7.3.33",
        "php-7.3.3RC1",
        "php-7.3.4",
        "php-7.3.4RC1",
        "php-7.3.5",
        "php-7.3.5RC1",
        "php-7.3.6",
        "php-7.3.6RC1",
        "php-7.3.7",
        "php-7.3.7RC1",
        "php-7.3.7RC2",
        "php-7.3.7RC3",
        "php-7.3.8",
        "php-7.3.8RC1",
        "php-7.3.9",
        "php-7.3.9RC1",
        "php-7.4.7RC1",
        "l"
      ]
    }
  ],
  "details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34013\n\n```\nCrash type: Stack-use-after-return READ 4\nCrash state:\nzend_fiber_suspend_context\nzend_fiber_suspend\nzim_Fiber_suspend\n```\n",
  "id": "OSV-2021-736",
  "modified": "2023-02-24T04:50:30.323847Z",
  "published": "2021-05-08T00:00:26.963755Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34013"
    }
  ],
  "summary": "Stack-use-after-return in zend_fiber_suspend_context"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…