Wind River Support Network

HomeDefectsLIN10-5566
Fixed

LIN10-5566 : Security Advisory - php - CVE-2019-9637

Created: Mar 27, 2019    Updated: May 18, 2019
Resolved Date: Apr 17, 2019
Found In Version: 10.17.41.15
Fix Version: 10.17.41.16
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-9637 User=admin}

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube