Date: Tue, 24 Nov 2015 11:33:43 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: Heap Overflow in PCRE

https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html

The Perl Compatible Regular Expressions (PCRE) library has just released a new version which fixes a number of security issues.

Fuzzing the pcretest tool uncovered an input leading to a heap overflow in the function pcre_exec. This bug was found with the help of american fuzzy lop and address sanitizer.

https://bugs.exim.org/show_bug.cgi?id=1637
Upstream bug #1637 (PoC and ASAN trace attached there)

This is fixed in PCRE 8.38. There are two variants of PCRE, the classic one and PCRE2. PCRE2 is not affected.
https://lists.exim.org/lurker/message/20151123.125009.80e5ac05.en.html

Apart from that, a couple of other vulnerabilities found by other people have been fixed in this release:

https://bugs.exim.org/show_bug.cgi?id=1672
Heap overflow in compile_regex

https://bugs.exim.org/show_bug.cgi?id=1515
Stack overflow in compile_regex

https://bugs.exim.org/show_bug.cgi?id=1667
Heap overflow in compile_regex

If you use PCRE to parse untrusted inputs you should update immediately.

--
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42