Maksymilian Arciemowicz reported memory corruption issues in the libstdc++ C++ regex library. If an attacker were able to make an application using this library process a specially-crafted regular expression, it could cause the application to crash or, potentially, execute arbitrary code. Original report: http://seclists.org/fulldisclosure/2014/Aug/1 Upstream bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 Currently on Fedora, this requires compiling the affected program with the experimental ISO C++ 2011 support by using the "-std=c++11" option.
Created gcc tracking bugs for this issue: Affects: fedora-all [bug 1126692]
CVE request: http://www.openwall.com/lists/oss-security/2014/08/05/4
As pointed out by Rich Felker, this is not a flaw in the "ISO C++ 2011 regex library" specification, but rather a GCC/libstdc++ bug: http://www.openwall.com/lists/oss-security/2014/08/05/11