CVE-2015-4644

NameCVE-2015-4644
DescriptionThe php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-307-1, DSA-3344-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php5 (PTS)jessie, jessie (lts)5.6.40+dfsg-0+deb8u21fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php5sourcesqueeze5.3.3.1-7+squeeze27DLA-307-1
php5sourcewheezy5.4.44-0+deb7u1DSA-3344-1
php5sourcejessie5.6.12+dfsg-0+deb8u1DSA-3344-1
php5source(unstable)5.6.11+dfsg-1

Notes

Fixed in 5.6.10 / 5.5.26 / 5.4.42
https://bugs.php.net/bug.php?id=69667
https://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
https://www.openwall.com/lists/oss-security/2015/06/18/3

Search for package or bug name: Reporting problems