CVE-2019-3570
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would attempt to verify it by re-running scrypt_enc() with the same parameters. This could result in information disclosure, memory being overwriten or crashes of the HHVM process. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.
La llamada a la función scrypt_enc () en HHVM puede provocar daños en el montón mediante el uso de parámetros específicamente diseñados (N, r y p). Esto sucede si los parámetros son configurables por un atacante, por ejemplo, proporcionando la salida de scrypt_enc () en un contexto donde el código Hack / PHP intentaría verificarlo volviendo a ejecutar scrypt_enc () con los mismos parámetros. Esto podría dar lugar a la divulgación de información, la sobrescritura de memoria o el bloqueo del proceso HHVM. Este problema afecta a las versiones 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versiones 3.30.5 y anteriores, y todas las versiones de las series 4.0, 4.1 y 4.2.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-02 CVE Reserved
- 2019-07-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/facebook/hhvm/commit/cc331e4349e91706a673e2a09f1f2ea5bbb33815 | 2020-10-16 |
| URL | Date | SRC |
|---|---|---|
| https://hhvm.com/blog/2019/06/10/hhvm-4.9.0.html | 2020-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | <= 3.30.5 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version " <= 3.30.5" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | >= 4.0.0 <= 4.0.4 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version " >= 4.0.0 <= 4.0.4" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.1.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.1.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.2.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.2.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.3.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.3.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.4.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.4.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.5.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.5.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.6.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.6.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.7.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.7.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hiphop Virtual Machine Search vendor "Facebook" for product "Hiphop Virtual Machine" | 4.8.0 Search vendor "Facebook" for product "Hiphop Virtual Machine" and version "4.8.0" | - |
Affected
| ||||||