Skip to main content

Hhvm CVE-2018-6340

HIGH
Out-of-bounds Read (CWE-125)
2018-12-31 cve-assign@fb.com
8.1
CVSS 3.1 · Vendor: fb
Share

Severity by source

Vendor (fb) PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (fb) · only source for this CVE.

CVSS VectorVendor: fb

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 31, 2018 - 22:29 cve.org
HIGH 8.1

DescriptionCVE.org

The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).

AnalysisAI

The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below). Affected products include: Facebook Hhvm.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

More in Hhvm

View all
CVE-2016-6870 CRITICAL
9.8 Feb 17

Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM

CVE-2016-6875 CRITICAL
9.8 Feb 17

Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vector

CVE-2016-6874 CRITICAL
9.8 Feb 17

The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown v

CVE-2016-6873 CRITICAL
9.8 Feb 17

Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors

CVE-2016-6872 CRITICAL
9.8 Feb 17

Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via u

CVE-2016-6871 CRITICAL
9.8 Feb 17

Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vector

CVE-2021-24036 CRITICAL
9.8 Jul 23

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds wri

CVE-2021-24025 CRITICAL
9.8 Mar 10

Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function ca

CVE-2019-11936 CRITICAL
9.8 Dec 04

Various APC functions accept keys containing null bytes as input, leading to premature truncation of input.30.12, all ve

CVE-2019-11935 CRITICAL
9.8 Dec 04

Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory.30.12, al

CVE-2019-11930 CRITICAL
9.8 Dec 04

An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution.30.

CVE-2019-11929 CRITICAL
9.8 Oct 02

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory,

Share

CVE-2018-6340 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy