It was reported that pcre_exec in the PHP pcre extension partially initializes a buffer when an invalid regex is processed, which can lead to information disclosure.
A mitigation fix has been applied in PHP 5.4+
Upstream bug report (with a patch proposal):
The upstream PCRE bug contains a detailed description of the issue along with a possible way to reproduce it:
From the analysis it seems that the maximum impact of this flaw is memory disclosure, which could be an issue especially when pcre is used in web browsers or other similar products, especially when the disclosed memory is recoverable by the attackers.
This patch has been committed upstream via:
And is a part of upstream release pcre-8.37
This flaw is related to bad regex code and does not require malicious user-input to trigger.
Created mingw-pcre tracking bugs for this issue:
Affects: fedora-all [bug 1249905]
Created pcre tracking bugs for this issue:
Affects: fedora-21 [bug 1249906]