1. 내용
php-fpm 자체의 nginx request의 PATH_INFO 값을 조작하여 메모리 손상 및 임의 코드가 실행 될 수있는 취약점 발견
2. 완화 방법
업데이트 진행 및 fastcgi_path_info 구문 수정
yum update php
fastcgi_path_info 구문 아래와 같이 수정
fastcgi_param PATH_INFO $fastcgi_path_info if_not_empty;
3. 보장된 해결책
php upgrade: PHP 7.1.33, PHP 7.2.24, or PHP 7.3.11
4. 관련 패키지
x86_64
php-5.3.3-50.el6_10.x86_64.rpm
php-bcmath-5.3.3-50.el6_10.x86_64.rpm
php-cli-5.3.3-50.el6_10.x86_64.rpm
php-common-5.3.3-50.el6_10.x86_64.rpm
php-dba-5.3.3-50.el6_10.x86_64.rpm
php-debuginfo-5.3.3-50.el6_10.x86_64.rpm
php-debuginfo-5.3.3-50.el6_10.x86_64.rpm
php-devel-5.3.3-50.el6_10.x86_64.rpm
php-embedded-5.3.3-50.el6_10.x86_64.rpm
php-enchant-5.3.3-50.el6_10.x86_64.rpm
php-fpm-5.3.3-50.el6_10.x86_64.rpm
php-gd-5.3.3-50.el6_10.x86_64.rpm
php-imap-5.3.3-50.el6_10.x86_64.rpm
php-intl-5.3.3-50.el6_10.x86_64.rpm
php-ldap-5.3.3-50.el6_10.x86_64.rpm
php-mbstring-5.3.3-50.el6_10.x86_64.rpm
php-mysql-5.3.3-50.el6_10.x86_64.rpm
php-odbc-5.3.3-50.el6_10.x86_64.rpm
php-pdo-5.3.3-50.el6_10.x86_64.rpm
php-pgsql-5.3.3-50.el6_10.x86_64.rpm
php-process-5.3.3-50.el6_10.x86_64.rpm
php-pspell-5.3.3-50.el6_10.x86_64.rpm
php-recode-5.3.3-50.el6_10.x86_64.rpm
php-snmp-5.3.3-50.el6_10.x86_64.rpm
php-soap-5.3.3-50.el6_10.x86_64.rpm
php-tidy-5.3.3-50.el6_10.x86_64.rpm
php-xml-5.3.3-50.el6_10.x86_64.rpm
php-xmlrpc-5.3.3-50.el6_10.x86_64.rpm
php-zts-5.3.3-50.el6_10.x86_64.rpm
5. CVE-ID
CVE-2019-11043
6. 참조
https://access.redhat.com/errata/RHSA-2019:3287