Advisories ยป MGASA-2017-0454

Updated pcre packages fix security vulnerabilities

Publication date: 21 Dec 2017
Modification date: 21 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-6004 , CVE-2017-7186 , CVE-2017-7244 , CVE-2017-7245 , CVE-2017-7246

Description

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE
through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version)
allows remote attackers to cause a denial of service (out-of-bounds read
and application crash) via a crafted regular expression (CVE-2017-6004).

A vulnerability was found in pcre caused by trying to find a Unicode
property for a code value greater than 0x10ffff, the Unicode maximum,
when running in non-UTF mode (where character values can be up to
0xffffffff) (CVE-2017-7186).

The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40
allows remote attackers to cause a denial of service (invalid memory
read) via a crafted file (CVE-2017-7244).

Stack-based buffer overflow in the pcre32_copy_substring function in
pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a
denial of service (WRITE of size 4) or possibly have unspecified other
impact via a crafted file (CVE-2017-7245).

Stack-based buffer overflow in the pcre32_copy_substring function in
pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a
denial of service (WRITE of size 268) or possibly have unspecified other
impact via a crafted file (CVE-2017-7246).

References

SRPMS

6/core

5/core