OSV-2023-1095

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-1095

Published

2023-10-31T13:03:18.357724Z

Modified

2023-11-01T17:42:22.538231Z

Summary

Heap-use-after-free in zend_jit_trace_execute

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63725

Crash type: Heap-use-after-free READ 4
Crash state:
zend_jit_trace_execute
zend_jit_trace_hot_side
zend_jit_trace_exit

References

Affected packages

Type: GIT
Repo: https://github.com/php/php-src.git
Events: Introduced

3eba1a876a12d02d478e2d714d6449ed8c9585a9

Introduced

e270ee3008829fa50142ff39b2f6e5d2fa9cc665

Fixed

cf7e5f02584a821e821f04b498f9ca57bb4368f1

Fixed

b280f1f9647812b490826507efd575cfbad84537

{
    "severity": "HIGH"
}