CVE-2019-20454 – pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode
https://notcve.org/view.php?id=CVE-2019-20454
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.
• https://bugs.exim.org/show_bug.cgi?id=2421
• https://bugs.php.net/bug.php?id=78338
• https://bugzilla.redhat.com/show_bug.cgi?id=1735494
• https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQRAHYHLRNMBTPR3KXVM27NSZP3KTOPI
• https://security.gentoo.org/glsa/202006-16
• https://vcs.pcre.org/pcre2?view=revision&revision=1092
• https://access.redhat.com/security/cve/CVE-2019-20454
• CWE-125: Out-of-bounds Read
CVE-2017-16231 – PCRE 8.41 Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-16231
** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used. PCRE version 8.41 suffers from a buffer overflow in the match() function.
• http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html
• http://seclists.org/fulldisclosure/2018/Dec/33
• http://www.openwall.com/lists/oss-security/2017/11/01/11
• http://www.openwall.com/lists/oss-security/2017/11/01/3
• http://www.openwall.com/lists/oss-security/2017/11/01/7
• http://www.openwall.com/lists/oss-security/2017/11/01/8
• http://www.securityfocus.com/bid/101688
• https://bugs.exim.org/show_bug.cgi?id=2047
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11164
https://notcve.org/view.php?id=CVE-2017-11164
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
• http://openwall.com/lists/oss-security/2017/07/11/3
• http://www.openwall.com/lists/oss-security/2023/04/11/1
• http://www.openwall.com/lists/oss-security/2023/04/12/1
• http://www.securityfocus.com/bid/99575
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
• CWE-674: Uncontrolled Recursion
CVE-2017-8786
https://notcve.org/view.php?id=CVE-2017-8786
pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.
• https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c
• https://bugs.exim.org/show_bug.cgi?id=2079
• https://security.gentoo.org/glsa/201710-09
• https://vcs.pcre.org/pcre2?view=revision&revision=696
• https://vcs.pcre.org/pcre2?view=revision&revision=697
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8399
https://notcve.org/view.php?id=CVE-2017-8399
PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures."
• http://www.securityfocus.com/bid/98315
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=783
• https://security.gentoo.org/glsa/201710-09
• https://vcs.pcre.org/pcre2/code/tags/pcre2-10.30/ChangeLog?revision=854&view=markup
• https://vcs.pcre.org/pcre2?view=revision&revision=674
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer