Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:32686
HistoryOct 22, 2021 - 3:13 a.m.

Privilege Escalation

2021-10-2203:13:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17

0.001 Low

EPSS

Percentile

51.1%

PHP is vulnerable to privilege escalation. When running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.