j3j5, tl;dr: upgrade glibc on your servers!
Summing it up, there's a vulnerability (CVE-2024-2961) on glibc that, apparently, can be used to get RCE on servers running PHP.
It's recommended that you update glibc to a patched version.https://security-tracker.debian.org/tracker/CVE-2024-2961
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-2961There's an upcoming talk on May 10 where the researcher will explain how it was used to hack PHP servers.
Add comment