Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2022-31625: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

SUSE: CVE-2022-31625: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

06/16/2022

Created

10/26/2022

Added

10/26/2022

Modified

10/26/2022

Description

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

Solution(s)

suse-upgrade-apache2-mod_php7
suse-upgrade-apache2-mod_php72
suse-upgrade-apache2-mod_php74
suse-upgrade-apache2-mod_php8
suse-upgrade-php7
suse-upgrade-php7-bcmath
suse-upgrade-php7-bz2
suse-upgrade-php7-calendar
suse-upgrade-php7-cli
suse-upgrade-php7-ctype
suse-upgrade-php7-curl
suse-upgrade-php7-dba
suse-upgrade-php7-devel
suse-upgrade-php7-dom
suse-upgrade-php7-embed
suse-upgrade-php7-enchant
suse-upgrade-php7-exif
suse-upgrade-php7-fastcgi
suse-upgrade-php7-fileinfo
suse-upgrade-php7-firebird
suse-upgrade-php7-fpm
suse-upgrade-php7-ftp
suse-upgrade-php7-gd
suse-upgrade-php7-gettext
suse-upgrade-php7-gmp
suse-upgrade-php7-iconv
suse-upgrade-php7-intl
suse-upgrade-php7-json
suse-upgrade-php7-ldap
suse-upgrade-php7-mbstring
suse-upgrade-php7-mysql
suse-upgrade-php7-odbc
suse-upgrade-php7-opcache
suse-upgrade-php7-openssl
suse-upgrade-php7-pcntl
suse-upgrade-php7-pdo
suse-upgrade-php7-pear
suse-upgrade-php7-pear-archive_tar
suse-upgrade-php7-pgsql
suse-upgrade-php7-phar
suse-upgrade-php7-posix
suse-upgrade-php7-readline
suse-upgrade-php7-shmop
suse-upgrade-php7-snmp
suse-upgrade-php7-soap
suse-upgrade-php7-sockets
suse-upgrade-php7-sodium
suse-upgrade-php7-sqlite
suse-upgrade-php7-sysvmsg
suse-upgrade-php7-sysvsem
suse-upgrade-php7-sysvshm
suse-upgrade-php7-test
suse-upgrade-php7-tidy
suse-upgrade-php7-tokenizer
suse-upgrade-php7-wddx
suse-upgrade-php7-xmlreader
suse-upgrade-php7-xmlrpc
suse-upgrade-php7-xmlwriter
suse-upgrade-php7-xsl
suse-upgrade-php7-zip
suse-upgrade-php7-zlib
suse-upgrade-php72
suse-upgrade-php72-bcmath
suse-upgrade-php72-bz2
suse-upgrade-php72-calendar
suse-upgrade-php72-ctype
suse-upgrade-php72-curl
suse-upgrade-php72-dba
suse-upgrade-php72-devel
suse-upgrade-php72-dom
suse-upgrade-php72-enchant
suse-upgrade-php72-exif
suse-upgrade-php72-fastcgi
suse-upgrade-php72-fileinfo
suse-upgrade-php72-fpm
suse-upgrade-php72-ftp
suse-upgrade-php72-gd
suse-upgrade-php72-gettext
suse-upgrade-php72-gmp
suse-upgrade-php72-iconv
suse-upgrade-php72-imap
suse-upgrade-php72-intl
suse-upgrade-php72-json
suse-upgrade-php72-ldap
suse-upgrade-php72-mbstring
suse-upgrade-php72-mysql
suse-upgrade-php72-odbc
suse-upgrade-php72-opcache
suse-upgrade-php72-openssl
suse-upgrade-php72-pcntl
suse-upgrade-php72-pdo
suse-upgrade-php72-pear
suse-upgrade-php72-pear-archive_tar
suse-upgrade-php72-pgsql
suse-upgrade-php72-phar
suse-upgrade-php72-posix
suse-upgrade-php72-pspell
suse-upgrade-php72-readline
suse-upgrade-php72-shmop
suse-upgrade-php72-snmp
suse-upgrade-php72-soap
suse-upgrade-php72-sockets
suse-upgrade-php72-sodium
suse-upgrade-php72-sqlite
suse-upgrade-php72-sysvmsg
suse-upgrade-php72-sysvsem
suse-upgrade-php72-sysvshm
suse-upgrade-php72-tidy
suse-upgrade-php72-tokenizer
suse-upgrade-php72-wddx
suse-upgrade-php72-xmlreader
suse-upgrade-php72-xmlrpc
suse-upgrade-php72-xmlwriter
suse-upgrade-php72-xsl
suse-upgrade-php72-zip
suse-upgrade-php72-zlib
suse-upgrade-php74
suse-upgrade-php74-bcmath
suse-upgrade-php74-bz2
suse-upgrade-php74-calendar
suse-upgrade-php74-ctype
suse-upgrade-php74-curl
suse-upgrade-php74-dba
suse-upgrade-php74-devel
suse-upgrade-php74-dom
suse-upgrade-php74-enchant
suse-upgrade-php74-exif
suse-upgrade-php74-fastcgi
suse-upgrade-php74-fileinfo
suse-upgrade-php74-fpm
suse-upgrade-php74-ftp
suse-upgrade-php74-gd
suse-upgrade-php74-gettext
suse-upgrade-php74-gmp
suse-upgrade-php74-iconv
suse-upgrade-php74-intl
suse-upgrade-php74-json
suse-upgrade-php74-ldap
suse-upgrade-php74-mbstring
suse-upgrade-php74-mysql
suse-upgrade-php74-odbc
suse-upgrade-php74-opcache
suse-upgrade-php74-openssl
suse-upgrade-php74-pcntl
suse-upgrade-php74-pdo
suse-upgrade-php74-pgsql
suse-upgrade-php74-phar
suse-upgrade-php74-posix
suse-upgrade-php74-readline
suse-upgrade-php74-shmop
suse-upgrade-php74-snmp
suse-upgrade-php74-soap
suse-upgrade-php74-sockets
suse-upgrade-php74-sodium
suse-upgrade-php74-sqlite
suse-upgrade-php74-sysvmsg
suse-upgrade-php74-sysvsem
suse-upgrade-php74-sysvshm
suse-upgrade-php74-tidy
suse-upgrade-php74-tokenizer
suse-upgrade-php74-xmlreader
suse-upgrade-php74-xmlrpc
suse-upgrade-php74-xmlwriter
suse-upgrade-php74-xsl
suse-upgrade-php74-zip
suse-upgrade-php74-zlib
suse-upgrade-php8
suse-upgrade-php8-bcmath
suse-upgrade-php8-bz2
suse-upgrade-php8-calendar
suse-upgrade-php8-cli
suse-upgrade-php8-ctype
suse-upgrade-php8-curl
suse-upgrade-php8-dba
suse-upgrade-php8-devel
suse-upgrade-php8-dom
suse-upgrade-php8-embed
suse-upgrade-php8-enchant
suse-upgrade-php8-exif
suse-upgrade-php8-fastcgi
suse-upgrade-php8-fileinfo
suse-upgrade-php8-fpm
suse-upgrade-php8-ftp
suse-upgrade-php8-gd
suse-upgrade-php8-gettext
suse-upgrade-php8-gmp
suse-upgrade-php8-iconv
suse-upgrade-php8-intl
suse-upgrade-php8-ldap
suse-upgrade-php8-mbstring
suse-upgrade-php8-mysql
suse-upgrade-php8-odbc
suse-upgrade-php8-opcache
suse-upgrade-php8-openssl
suse-upgrade-php8-pcntl
suse-upgrade-php8-pdo
suse-upgrade-php8-pgsql
suse-upgrade-php8-phar
suse-upgrade-php8-posix
suse-upgrade-php8-readline
suse-upgrade-php8-shmop
suse-upgrade-php8-snmp
suse-upgrade-php8-soap
suse-upgrade-php8-sockets
suse-upgrade-php8-sodium
suse-upgrade-php8-sqlite
suse-upgrade-php8-sysvmsg
suse-upgrade-php8-sysvsem
suse-upgrade-php8-sysvshm
suse-upgrade-php8-test
suse-upgrade-php8-tidy
suse-upgrade-php8-tokenizer
suse-upgrade-php8-xmlreader
suse-upgrade-php8-xmlwriter
suse-upgrade-php8-xsl
suse-upgrade-php8-zip
suse-upgrade-php8-zlib

References

https://attackerkb.com/topics/cve-2022-31625
CVE - 2022-31625
DSA-5179

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2022-31625: SUSE Linux Security Advisory

SUSE: CVE-2022-31625: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.