{"id":"CVE-2016-10161","details":"The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call.","modified":"2026-02-24T11:03:10.317030Z","published":"2017-01-24T21:59:00.260Z","related":["MGASA-2017-0040","SUSE-SU-2017:0534-1","SUSE-SU-2017:0556-1","SUSE-SU-2017:0568-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1037659"},{"type":"WEB","url":"https://www.tenable.com/security/tns-2017-04"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-5.php"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3783"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95768"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"type":"ADVISORY","url":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201702-29"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180112-0001/"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=73825"},{"type":"REPORT","url":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2"},{"type":"FIX","url":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"16b3003ffc6393e250f069aa28a78dc5a2c064b2"}]}],"versions":["NEWS","NEWS-cvs2svn","php-5.3.23RC1","php-5.3.29","php-5.3.29RC1","php-5.4.30RC1","php-5.4.32RC1","php-5.4.4RC2","php-5.5.24RC1","php-5.6.18RC1","php-5.6.19RC1","php-5.6.22RC1","php-5.6.23RC1","php-5.6.24RC1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10161.json","vanir_signatures":[{"target":{"file":"ext/standard/var_unserializer.c","function":"object_common1"},"signature_type":"Function","id":"CVE-2016-10161-3b9c5256","source":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2","digest":{"function_hash":"102014736888371947073622309327152596049","length":313},"deprecated":false,"signature_version":"v1"},{"target":{"file":"ext/standard/var_unserializer.c"},"signature_type":"Line","id":"CVE-2016-10161-d7bff264","source":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2","digest":{"line_hashes":["156659818536995479401509881781153512977","332411611261216109036119952550949627613","175154365176312667493289913859517617239","292808490699705175769846566855350577236","204434093787147435695643524830940913973","320404238966101544780012746116739028271","254394193571028949476121628024199669157","115826316860869632762850898256170057526","288492443928640837034179369550419455465","133597691269487802737759265767477076106","133241928916394438999813332856060650490","309069877246144241021183162857731752804","300149141241140382422723902163337113949","14537897399130975906325317205706474113","135217159720101803264493392694616503520","185283076345212462460319318519649780313","108619621929876402586697073964540229436","170971560399662829679597257279898093945","94274429891472346158462649840890783608","252924041623091431529690206662692415087","135128096153015951808915615995313681469","131619494778740792699116875231065282177","317618530951820823023060414865401146756","290489602454746427164461411655086850817","148091462504421943564866916766665278755","209812401911288028761332120089306364792","248469110157997342180112564542801052355","70020660201742646952249257863737609102","301943635684423793388392119989171192422","40252293043020688685497495068642280938","91594551533227649248260845118997565747","214007313744332650750185026050483657036","111319538503803771628706851971394481706","244404457169388937967563546267485743000","51764611741152284502137778962470086133","121211149818397940948596097403179740791","124549686909994422343267069861448504208","86604770935606210151290431002680849145","322295431206784981122893089000068246954","144854636401275310515902943222557455535","240376856352271781753213191599085365136","75389880859964568614716422307806993942","131394561621523499781273345186884665026","269344781322131441083608982517773901734","63715437653235278129229794125032662148","116832660271284920756294505450241968017","25968016611702531840726495991311735263","48314656578202292035288425544720254354","81268529378724751960807935402108811495","242903849568173550314315686971900602004","289952286420159641552369844466606222201","219777442382589674082647241951381047968","203512797816867684133096412369260062681","83316624676644098589983353475335242517","222615053622175322934130995245001132284","296323254794011160863202133311018479720","317804225334766029110804062146121860382","186664742860248452216040960675085258063","278428620155752142638995760764112252093","164756599401284224735253047706912681131","236277780640987173307473841942057651246","131453700100823837398392671304147153945","93377686039681326460382529325332090830","252642025292617061297567034208787785854","105837189904120547275578161330148719999","122695124371188015545299777422713641247","106690670692583702481938425110489899852","304119051236576772722763469777272013806","28887068261345770513340006360061472811","26280133394899063511596617912024520866","307544587225187099823242738742231964521","319581235034079905796705509909439236663","162463844005770259670660752817855738370","281966980067648074142240566543507404698","294192437121896453685798446473529735239","332362950513434373589925779088976557318","108481352702888374011932934116500558828","313438773159103981145298018448890417611","219156078207585343436216815655929233414","276214493963318764412424534748639683905","41472256311408623347091202367731237368","340226588820199043384612652998513531703","303008292955944647144697137037776545327","224866211994852054833883023846344453355","85904425184399690027432215477446959133","68308686890663402683343305057866492833","186284636420507909642181281237471146931","47097122779524089833671815772292756884","37678903134115544278786524366861534611","95113748457258960652270451863821414665","323258015265784422023455444648171044409","179747643586564489227379687069668531891","242635727781932376784849390327411636973","246219371449065516249945285850096598908","111031523661467018242541877133279896151","41425997854386759240047914135191211728","153603517312343001461786959562384503529","303177413990508647812165651295005986045","184928466765896983686724124135951223638","208332658735844803438330063883868864534","111664045586250202426077714417272175202","52745000606477910756160017957810204591","51388981653003571918957703208683824275","194469745212707854925036397979089728118","84383999315842369499585587257702349447","162028921666032764772388315493565288507","51822975246475781917709858843502398203","111330423438275767697563063323763280383","326389986972610958986243871476829569596","44401052975791225495741697253619455363","313570138683617402028941989883696069615","325169024165300323148198388953566181754","322407698099982339444906360000862459888","43093420482722734695652864146531921571","102397668688437072526612661462575961794","49457835069486511479137183234573342579","297220464977272875635183875237861531565","149330455243355885366588866922312608332","289901322037952959099632678126383520970","158275766494886894846308081583175902083","244483168919666275356027592949487377141","95589939382653840870153607230996668198","96413379463859426235342842489805942111","175295321965973290456496374677676168607","73548063894324940807259246949041291648","283637413765299367478168749713634756015","169983434125104900482280482422699795451","144324876620989193981448371400489921546","216519841270810782881753630797795169707","91468875349476294403202370719769848254","152268322992391752766634161049229233651","251449454170298881274153760483186219867","328106744939042563559879595229177638190","166814590317547466466707822212784960674"],"threshold":0.9},"deprecated":false,"signature_version":"v1"},{"target":{"file":"ext/standard/var_unserializer.c","function":"php_var_unserialize"},"signature_type":"Function","id":"CVE-2016-10161-f5aaf487","source":"https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2","digest":{"function_hash":"198732413940183559551554626991973413187","length":17379},"deprecated":false,"signature_version":"v1"}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}