In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.
History

Mon, 07 Apr 2025 14:00:00 +0000

Type: References
Values removed: (none)
Values added: (none)

Type: Metrics
Values removed: threat_severity: None
Values added: cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}; threat_severity: Important


Fri, 04 Apr 2025 20:15:00 +0000

Type: Metrics
Values removed: (none)
Values added: ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 04 Apr 2025 18:00:00 +0000

Type: Description
Values added: In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

Type: Title
Values added: Reference counting in php_request_shutdown causes Use-After-Free

Type: Weaknesses
Values added: CWE-416

Type: References
Values added: (none listed)

Type: Metrics
Values added: cvssV4_0: {'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber'}


MITRE

Status: PUBLISHED

Assigner: php

Published: 2025-04-04T17:51:07.550Z

Updated: 2025-04-05T03:55:36.686Z

Reserved: 2024-11-15T06:26:33.249Z

Link: CVE-2024-11235

Vulnrichment

Updated: 2025-04-04T19:50:12.693Z

NVD

Status: Awaiting Analysis

Published: 2025-04-04T18:15:48.020

Modified: 2025-04-07T14:17:50.220

Link: CVE-2024-11235

Redhat

Severity: Important

Public Date: 2025-04-04T17:51:07Z

Links: CVE-2024-11235 - Bugzilla