oss-sec mailing list archives
Re: Re: CVE Request: Double Free in PHP
From: Joshua Rogers <oss () internot info>
Date: Tue, 30 Dec 2014 06:38:44 +1100
Hi, On 30/12/14 03:36, cve-assign () mitre org wrote:
I found a double-free in PHP: https://bugs.php.net/bug.php?id=68676And it has been patched in the following commits: http://git.php.net/?p=php-src.git;a=commit;h=2bcf69d073190e4f032d883f3416dea1b027a39e http://git.php.net/?p=php-src.git;a=commit;h=24125f0f26f3787c006e4a51611ba33ee3b841cb http://git.php.net/?p=php-src.git;a=commit;h=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6Use CVE-2014-9425.
I found in total I believe 5(don't quote me on that) double-free's/use-after-frees/invalid-free's in PHP. Should I use the same CVE-ID for all of them? Thanks, -- -- Joshua Rogers <https://internot.info/>
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE Request: Double Free in PHP Joshua Rogers (Dec 29)
- Re: CVE Request: Double Free in PHP cve-assign (Dec 29)
- Re: Re: CVE Request: Double Free in PHP Joshua Rogers (Dec 29)
- Re: CVE Request: Double Free in PHP cve-assign (Dec 29)
- Re: Re: CVE Request: Double Free in PHP Joshua Rogers (Dec 29)
- Re: Re: CVE Request: Double Free in PHP Joshua Rogers (Dec 29)
- Re: CVE Request: Double Free in PHP cve-assign (Dec 29)