A buffer overflow vulnerability in PCRE before 8.38 was found, caused by pattern with duplicated named groups and an occurrence of (?| , it is possible for an apparently non-recursive back reference to become recursive if a later named group with the relevant number is encountered. This allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression.
Created pcre tracking bugs for this issue: Affects: fedora-all [bug 1287691]
Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 1287693]
Created mingw-pcre tracking bugs for this issue: Affects: fedora-all [bug 1287692] Affects: epel-7 [bug 1287694]
Corresponds to item 27 in http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup
Fixed in upstream with: commit 7af8e8717def179fd7b69e173abd347c1a3547cb Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> Date: Wed Aug 5 15:38:32 2015 +0000 Fix buffer overflow for named references in (?| situations. git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1585 2f5784b3-3f2a-0410-8824- cb99058d5e15
(In reply to Petr Pisar from comment #5) > commit 7af8e8717def179fd7b69e173abd347c1a3547cb > Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> > Date: Wed Aug 5 15:38:32 2015 +0000 > > Fix buffer overflow for named references in (?| situations. Upstream commit link: http://vcs.pcre.org/pcre?view=revision&revision=1585
Another issue introduced in upstream version 8.34, which refactored named group handling code and apparently several bugs were introduced in the process.
*** Bug 1250943 has been marked as a duplicate of this bug. ***
Upstream bug (see duplicate bug 1250943): https://bugs.exim.org/show_bug.cgi?id=1667
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Via RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Via RHSA-2016:2750 https://rhn.redhat.com/errata/RHSA-2016-2750.html