Heap Corruption Vulnerability in PHP versions 8.1.x below 8.1.8

Heap Corruption Vulnerability in PHP versions 8.1.x below 8.1.8

CVE-2022-31627 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.

Learn more about our Cis Benchmark Audit For Ibm I.