Follow-Up to already reported Bug #70185 (https://bugs.php.net/bug.php?id=70185)
Still a Problem with current PHP 7.2.2.
When using program execution functions (passthru(), exec(), shell_exec(), system(), ...) the php-fpm: master process reproducibly crashes with signal 15 (SIGTERM), which leads to a crash loop, 100% CPU usage and spamming of logs (30GB within 1 day on my dev server).
exec('/usr/bin/postcss css_from.css --use autoprefixer --autoprefixer.remove "false" --output css_to.css');
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53778 exited on signal 15 (SIGTERM) after 0.046685 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53782 exited on signal 15 (SIGTERM) after 0.045416 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53785 exited on signal 15 (SIGTERM) after 0.045331 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53787 exited on signal 15 (SIGTERM) after 0.044765 seconds from start
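A check that could be run over the php-fpm log to spot the respawn loop shown in the log excerpt above (an added example, not part of the original report or of PHP). The function names and the thresholds (children living under 1 second, 4 such exits within 10 seconds) are assumptions, and the last sample line is constructed:

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Child-exit warning format as it appears in the report's log excerpt.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2})\] WARNING: "
    r"\[pool (?P<pool>[^\]]+)\] child (?P<pid>\d+) exited on signal "
    r"(?P<sig>\d+) \((?P<name>\w+)\) after (?P<life>[\d.]+) seconds from start"
)

# The first four lines are from the report; the last one is constructed (a long-lived child).
SAMPLE = [
    "[16-Feb-2018 14:48:30] WARNING: [pool www] child 53778 exited on signal 15 (SIGTERM) after 0.046685 seconds from start",
    "[16-Feb-2018 14:48:30] WARNING: [pool www] child 53782 exited on signal 15 (SIGTERM) after 0.045416 seconds from start",
    "[16-Feb-2018 14:48:30] WARNING: [pool www] child 53785 exited on signal 15 (SIGTERM) after 0.045331 seconds from start",
    "[16-Feb-2018 14:48:30] WARNING: [pool www] child 53787 exited on signal 15 (SIGTERM) after 0.044765 seconds from start",
    "[16-Feb-2018 14:50:00] WARNING: [pool www] child 60001 exited on signal 15 (SIGTERM) after 312.5 seconds from start",
]

def parse_exits(lines):
    """Yield (timestamp, pool, signal, lifetime_seconds) per child-exit warning."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S")
            yield ts, m["pool"], int(m["sig"]), float(m["life"])

def find_respawn_loops(lines, max_life=1.0, window=timedelta(seconds=10), threshold=4):
    """Return {pool: count} for pools where at least `threshold` children
    exited within `max_life` seconds of starting, inside one sliding `window`."""
    short = defaultdict(list)
    for ts, pool, _sig, life in parse_exits(lines):
        if life <= max_life:          # ignore children that lived normally
            short[pool].append(ts)
    flagged = {}
    for pool, stamps in short.items():
        stamps.sort()
        start, best = 0, 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:   # shrink window from the left
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[pool] = best
    return flagged

if __name__ == "__main__":
    print(find_respawn_loops(SAMPLE))
```

Alerting on this pattern catches the loop well before the log volume described in the report builds up.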
Correction: it is not the master process that crashes; php-fpm continues to restart the process over and over again, using 100% of the CPU on the php-fpm master process (crash loop).
Is it possible to provide a **self-contained** reproducer for this? That is, using something like "ls" rather than "postcss"?
If not, please provide detailed instructions on how to reproduce this, including any necessary input files and instructions for the installation of necessary programs.
I was able to reproduce the behaviour "self-contained":
Reproducible on 2 machines with php-fpm 7.2.2 and earlier.
As it can be used to DoS shared hosting servers (i.e. all Plesk servers use PHP-FPM), I think this has some security implications too.
Someone with proper rights, please assign CVE-2015-9253 to this bug report.
Could someone explain to me why this is a security issue? Which permission border is being crossed?
I mean, if you have process exec privileges, couldn't you just "kill -9" your parent FPM process from shell and achieve the same effect?
> Could someone explain to me why this is a security issue?
Sorry, I can't. I've merely switched to private, since a CVE had
This seems to be just a duplicate of https://bugs.php.net/bug.php?id=70185, which is public already, so there is no reason to keep this as a security bug IMHO.
Duplicate of bug #73342. Unassigning privacy status as this has been public for a long time already.
Bug #73342 also has a patch attached, though I haven't checked if it makes sense.