Bug 443928 (CVE-2008-1927)

Summary: CVE-2008-1927 perl: heap corruption by regular expressions with utf8 characters
Product: [Other] Security Response
Reporter: Tomas Hoger <thoger>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
CC: kasal, kreilly, mmaslano, rc040203, robin.norwood, tcallawa
Keywords: Security
Hardware: All
OS: Linux
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1927
Doc Type: Bug Fix
Last Closed: 2008-06-17 16:20:36 UTC
Bug Depends On: 449319, 449320, 449321, 449322, 449323, 449324, 466966, 466967
Bug Blocks: 466968
Attachments:
  Patch from DSA-1556-1 (flags: none)
  Test case extracted from Debian patch (flags: none)
  Test case from Debian bug #454792 (flags: none)

Description Tomas Hoger 2008-04-24 07:10:09 UTC
Common Vulnerabilities and Exposures assigned the identifier CVE-2008-1927 to the following vulnerability:

Double free vulnerability in Perl 5.8.8 allows context-dependent
attackers to cause a denial of service (memory corruption and crash)
via a crafted regular expression containing UTF8 characters.  NOTE:
this issue might only be present on certain operating systems.

References:
http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792

Comment 2 Tomas Hoger 2008-04-25 07:02:43 UTC
Created attachment 303746
Test case extracted from Debian patch

Comment 3 Tomas Hoger 2008-04-25 07:42:10 UTC
Created attachment 303751
Test case from Debian bug #454792

Comment 8 Fedora Update System 2008-04-29 20:58:48 UTC
perl-5.8.8-39.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2008-04-29 20:59:25 UTC
perl-5.8.8-29.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Johnny Hughes 2008-05-21 10:25:43 UTC
It seems that segfaults can be produced in RHEL-3, RHEL-4, and RHEL-5 with the test
case attachment in #2.

Is this issue being addressed for RHEL?

Comment 15 errata-xmlrpc 2010-08-04 21:32:46 UTC
This issue has been addressed in the following products:

  Red Hat Certificate System 7.3

Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html