Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Dec 2015 23:29:54 +1300
From: Emmanuel Law <>
Subject: CVE Request: Use after free in PHP Collator::sortWithSortKeys function


I reported a use after free in PHP's Intl extension. The vulnerability is
in Collator::sortWithSortKeys function. Only Php 7.0.0 is affected.

This can potentially be remotely exploitable if the sorting function is
called on a user supplied array.

Not sure If this is CVE worthy. But if so, please assign it one.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ