Critical Flaw in PHP Leads To a Use-After-Free Vulnerability

Risk Level

Informational (4)

  • N/A


A flaw was found in PHP. The vulnerability occurs due to the malformed php_filter_float() function and leads to a use-after-free vulnerability. This flaw allows an attacker to inject a malicious file, leading to a crash or a Segmentation fault
  • Recommended Mitigation

    Update to version 8.1.3. If you haven't yet shifted to the 8.1 flavour of PHP, two other earlier branches are still supported: 8.0 needs upgrading to 8.0.16, and 7.4 needs upgrading to 7.4.28. If you're using a Linux distro that manages PHP for you, check your distro for details.