{"id":"CVE-2019-3557","details":"The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when operating on such malformed streams. The implementations were updated to return valid values consistently. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).","modified":"2026-04-11T09:46:11.853189Z","published":"2019-01-15T22:29:00.377Z","references":[{"type":"ADVISORY","url":"https://hhvm.com/blog/2019/01/14/hhvm-3.30.2.html"},{"type":"FIX","url":"https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/facebook/hhvm","events":[{"introduced":"0"},{"last_affected":"b14f761969e2ce2b52d7e49e40fa6c58bf43e477"},{"introduced":"f0ad4879d6bee987a31c543ee57cc69b3741416b"},{"last_affected":"68dd840917c9051225b38206fa61791bb68767fb"},{"fixed":"6e4dd9ec3f14b48170fc45dc9d13a3261765f994"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.27.4"},{"introduced":"3.28.0"},{"last_affected":"3.30.0"}]}}],"versions":["HHVM-3.27.0","HHVM-3.27.1","HHVM-3.27.2","HHVM-3.27.3","HHVM-3.27.4","HHVM-3.30.0","HPHP-2.1.0","gcc-4.6","pre-hhvm","src-hphp"],"database_specific":{"vanir_signatures":[{"target":{"file":"hphp/runtime/base/output-file.cpp"},"source":"https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994","id":"CVE-2019-3557-43cc3ee9","signature_type":"Line","digest":{"line_hashes":["142108827713512514436185405057893135105","269656250916374553211667901320829428383","319612009202422336968135164533114029828","15002152957258456447109582021990837697"],"threshold":0.9},"signature_version":"v1","deprecated":false},{"target":{"file":"hphp/runtime/base/output-file.cpp","function":"OutputFile::readImpl"},"source":"https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994","id":"CVE-2019-3557-55b6d914","signature_type":"Function","digest":{"function_hash":"12047624258055674249961091365408552516","length":121},"signature_version":"v1","deprecated":false},{"target":{"file":"hphp/runtime/ext/bz2/bz2-file.cpp"},"source":"https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994","id":"CVE-2019-3557-a05c634b","signature_type":"Line","digest":{"line_hashes":["110901687410337669414477894623879298352","95572666697477733803261616521873614957","106358059622253155722317322929847808364","122347618177407082596295890497230634246"],"threshold":0.9},"signature_version":"v1","deprecated":false},{"target":{"file":"hphp/runtime/ext/bz2/bz2-file.cpp","function":"BZ2File::readImpl"},"source":"https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994","id":"CVE-2019-3557-bb1a0814","signature_type":"Function","digest":{"function_hash":"22265091904922056449492719171830689508","length":255},"signature_version":"v1","deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3557.json","vanir_signatures_modified":"2026-04-11T09:46:11Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}