In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed integer overflow occurs, resulting in undefined behavior. This can lead to an out-of-bounds read, causing a segmentation fault or access to unrelated memory, and may affect the availability of the PHP process.
A signed integer overflow vulnerability in PHP's metaphone() function allows attackers to cause denial of service through extremely large string inputs exceeding 2.1GB. The vulnerability affects PHP versions 8.2 before 8.2.31, 8.3 before 8.3.31, 8.4 before 8.4.21, and 8.5 before 8.5.6.
ثغرة تجاوز عدد صحيح موقّع في دالة metaphone() بـ PHP تحدث عند معالجة سلاسل نصية تتجاوز 2.1 مليار بايت. يمكن للمهاجمين استغلال هذه الثغرة لإحداث انهيار العملية وتعطيل الخدمة.
A signed integer overflow in PHP's metaphone() function can be exploited by passing strings larger than 2.1GB, causing out-of-bounds memory access and process crashes. This affects multiple PHP versions and impacts service availability for applications using this function.
Update PHP to version 8.2.31, 8.3.31, 8.4.21, 8.5.6 or later. Implement input validation to reject excessively large strings before processing with metaphone(). Monitor PHP error logs for segmentation faults and implement rate limiting on string processing functions.
قم بتحديث PHP إلى الإصدار 8.2.31 أو 8.3.31 أو 8.4.21 أو 8.5.6 أو أحدث. طبق التحقق من صحة المدخلات لرفض السلاسل الكبيرة جداً قبل معالجتها. راقب سجلات أخطاء PHP وطبق تحديد معدل على وظائف معالجة السلاسل.