CVE-2020-1921

Summary

In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.

Affected Software

VendorProductVersion RangeStatus
FacebookHHVM4.98.1 < unspecifiedunaffected
FacebookHHVM4.98.0affected
FacebookHHVM4.97.1 < unspecifiedunaffected
FacebookHHVM4.97.0affected
FacebookHHVM4.96.1 < unspecifiedunaffected
FacebookHHVM4.96.0affected
FacebookHHVM4.95.1 < unspecifiedunaffected
FacebookHHVM4.95.0affected
FacebookHHVM4.94.1 < unspecifiedunaffected
FacebookHHVM4.94.0affected
FacebookHHVM4.93.2 < unspecifiedunaffected
FacebookHHVM4.81.0 < unspecifiedaffected
FacebookHHVM4.80.2 < unspecifiedunaffected
FacebookHHVM4.57.0 < unspecifiedaffected
FacebookHHVM4.56.3 < unspecifiedunaffected
FacebookHHVMunspecified < 4.56.3affected

Weaknesses

  • CWE-121: Stack-based Buffer Overflow (CWE-121)

ADP Enrichment

CVE Program Container

Additional References

References