{"id":"CVE-2018-10545","details":"An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.","modified":"2026-04-11T06:58:33.963758Z","published":"2018-04-29T21:29:00.277Z","related":["SUSE-SU-2018:1176-1","SUSE-SU-2018:1291-1","SUSE-SU-2018:1294-1"],"references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4240"},{"type":"ADVISORY","url":"https://www.tenable.com/security/tns-2018-12"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/104022"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201812-01"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180607-0003/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3646-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3646-2/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html"},{"type":"FIX","url":"http://php.net/ChangeLog-5.php"},{"type":"FIX","url":"http://php.net/ChangeLog-7.php"},{"type":"FIX","url":"https://bugs.php.net/bug.php?id=75605"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"404e8465429616e6cf04f5c4ad65ebef759c525b"},{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"b4c9234d03f0a2aab5b35dee0df08530626210d7"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"f52597c960e2e3f46fb96bf1d11b7b03ed338f84"},{"introduced":"8148cbb78841c8ec0759c0836e7f35dec799d300"},{"fixed":"e474a0439a9e89d98c2728ed4a1c9d029c107682"},{"introduced":"0"},{"last_affected":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"introduced":"0"},{"last_affected":"5dc92c2117cafc61daaaaa240fd46c3ac33872a4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.6.35"},{"introduced":"7.0.0"},{"fixed":"7.0.29"},{"introduced":"7.1.0"},{"fixed":"7.1.16"},{"introduced":"7.2.0"},{"fixed":"7.2.4"},{"introduced":"0"},{"last_affected":"7.0"},{"introduced":"0"},{"last_affected":"8.0"}]}}],"versions":["POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","php-7.0.0","php-7.1.16RC1","php-8.0.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"17.10"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"vanir_signatures_modified":"2026-04-11T06:58:33Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10545.json","vanir_signatures":[{"id":"CVE-2018-10545-0ba347cc","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_unix.c"},"deprecated":false,"digest":{"line_hashes":["256365884870753358372710319244770316957","230611153719690024403978117961271284794","102921983361664405159817029964854163626","314773791019620477757473304779551723829"],"threshold":0.9},"signature_type":"Line"},{"id":"CVE-2018-10545-3cbcde99","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_unix.c","function":"fpm_unix_init_child"},"deprecated":false,"digest":{"function_hash":"287442094763772067342266346183851523533","length":3862},"signature_type":"Function"},{"id":"CVE-2018-10545-4f93f49d","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_conf.c","function":"fpm_conf_dump"},"deprecated":false,"digest":{"function_hash":"277853390626986811607452198894226224441","length":5732},"signature_type":"Function"},{"id":"CVE-2018-10545-acf8bc68","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_conf.c"},"deprecated":false,"digest":{"line_hashes":["256511797819681255547969006441959424448","170070270104641774874597543346518647493","121743950867872505806597948820614470705","242090551949141085346613766795016436438","295134697379924912630054271846860817862","260598572435739408847505379837062082534","216713436482603700555238819130138446343","304870878083177849104934347341857056093","108754229275187834165973092560493734346","173508882186227559114645650907357673409","42193457222507860198891650040648699561","256217340988184821380731613952953168297"],"threshold":0.9},"signature_type":"Line"},{"id":"CVE-2018-10545-b65a498f","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_conf.h"},"deprecated":false,"digest":{"line_hashes":["40588419778845794792413482029445539851","164442732053218752669806283308602697138","22712446989311435435055743798677487384","206944676588201666044630381716353874484"],"threshold":0.9},"signature_type":"Line"},{"id":"CVE-2018-10545-ff51c531","source":"https://github.com/php/php-src/commit/f52597c960e2e3f46fb96bf1d11b7b03ed338f84","signature_version":"v1","target":{"file":"sapi/fpm/fpm/fpm_conf.c","function":"fpm_worker_pool_config_alloc"},"deprecated":false,"digest":{"function_hash":"267983799647513806905976755268945309230","length":671},"signature_type":"Function"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}