CVE-2021-21708

In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.

Published: Feb 27, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-21708
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
php / php	8.1.0	8.1.3
php / php	8.0.0	8.0.16
php / php	7.4.0	7.4.28

https://bugs.php.net/bug.php?id=81708
https://security.gentoo.org/glsa/202209-20
https://security.netapp.com/advisory/ntap-20220325-0004/

Vulnerability Database

289,599

CVE-2021-21708