Bug 166333 - CAN-2005-2491 PCRE heap overflow
CAN-2005-2491 PCRE heap overflow
Product: Fedora
Classification: Fedora
Component: pcre (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Ngo Than
Ben Levenson
: Security
Depends On:
Blocks: CVE-2005-2491
  Show dependency treegraph
Reported: 2005-08-19 07:47 EDT by Mark J. Cox (Product Security)
Modified: 2008-01-29 04:40 EST (History)
1 user (show)

See Also:
Fixed In Version: 5.0-4.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-08-25 07:09:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2005-08-19 07:47:08 EDT
+++ This bug was initially created as a clone of Bug #166330 +++

PCRE 6.2 was released recently which included a fix for a heap buffer overflow.
 PCRE is used by things such as Apache but only for configuration (therefore
making an exploit low severity).  A number of packages also include PCRE code
internally, I'll be adding separate bugs for those that contain PCRE and do not
use system PCRE later.

Changelog states:

1. There was no test for integer overflow of quantifier values. A construction
such as {1111111111111111} would give undefined results. What is worse, if
a minimum quantifier for a parenthesized subpattern overflowed and became
negative, the calculation of the memory size went wrong. This  could have led to
memory overwriting.

A minimal diff of the flaw is attached, the full 6.2 to 6.1 diff contains other
fixes that might be worth incorporating and a test for this flaw.

FC3 and FC4 affected
Comment 1 Ngo Than 2005-08-19 09:47:30 EDT
it's now fixed in pcre-4.5-3.1.1.fc3 and pcre-5.0-4.1.fc4

Comment 2 Fedora Update System 2005-08-24 11:43:33 EDT
From User-Agent: XML-RPC

pcre-4.5-3.1.1.fc3 has been pushed for FC3, which should resolve this issue.

If these issues are still present in this version, then please re-open this bug.
Comment 3 Fedora Update System 2005-08-24 11:43:37 EDT
From User-Agent: XML-RPC

%(package)s has been pushed for %(release)s, which should resolve this issue.

If these issues are still present in this version, then please re-open this bug.
Comment 4 Walter Justen 2005-08-25 07:09:27 EDT
Thanks for the bug report. This particular bug was fixed and a update package
was published for download. Please feel free to report any further bugs you find.

Note You need to log in before you can comment on or make changes to this bug.