CVE-2020-1899
N/A
N/A
Summary
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HHVM | 4.62.1 < unspecified | unaffected | |
| HHVM | 4.62.0 | affected | |
| HHVM | 4.61.1 < unspecified | unaffected | |
| HHVM | 4.61.0 | affected | |
| HHVM | 4.60.1 < unspecified | unaffected | |
| HHVM | 4.60.0 | affected | |
| HHVM | 4.59.1 < unspecified | unaffected | |
| HHVM | 4.59.0 | affected | |
| HHVM | 4.58.2 < unspecified | unaffected | |
| HHVM | 4.58.0 < unspecified | affected | |
| HHVM | 4.57.1 < unspecified | unaffected | |
| HHVM | 4.57.0 | affected | |
| HHVM | 4.56.1 < unspecified | unaffected | |
| HHVM | 4.33.0 < unspecified | affected | |
| HHVM | 4.32.3 < unspecified | unaffected | |
| HHVM | unspecified < 4.32.3 | affected |
Weaknesses
- CWE-822: Untrusted Pointer Dereference (CWE-822)
ADP Enrichment
CVE Program Container
Additional References
- https://hhvm.com/blog/2020/06/30/security-update.html
- https://github.com/facebook/hhvm/commit/1107228a5128d3ca1c4add8ac1635d933cbbe2e9
References
- https://hhvm.com/blog/2020/06/30/security-update.html
- https://github.com/facebook/hhvm/commit/1107228a5128d3ca1c4add8ac1635d933cbbe2e9
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.