PHP is vulnerable to Incorrect Calculation of Buffer Size. The vulnerability exists because the core path resolution function allocates a buffer one byte too small when resolving paths with lengths close to the system MAXPATHLEN
setting, leading to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.