2077983 – (CVE-2022-1587) CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c

Bug 2077983 (CVE-2022-1587) - CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c

Summary: CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_j...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-1587
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2080051 2077986 2081974 2081975 2081976 2086873
Blocks:	2077988 2081999
TreeView+	depends on / blocked

Reported:	2022-04-22 19:01 UTC by Pedro Sampaio
Modified:	2022-11-25 06:30 UTC (History)
CC List:	27 users (show)
Fixed In Version:	pcre2 10.40
Doc Type:	If docs needed, set a value
Doc Text:	An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
Clone Of:
Environment:
Last Closed:	2022-07-01 10:12:41 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2022:5251	0	None	None	None	2022-06-28 14:59:49 UTC

Description Pedro Sampaio 2022-04-22 19:01:40 UTC

An out-of-bounds read was discovered in PCRE version 10.39, affecting recursions in JIT-compiled regular expressions. The bug is present in the function "get_recurse_data_length", declared in "pcre2_jit_compile.c".

References:

https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0

Comment 1 Pedro Sampaio 2022-04-22 19:04:12 UTC

Created pcre2 tracking bugs for this issue:

Affects: fedora-all [bug 2077986]

Comment 5 TEJ RATHI 2022-05-05 06:47:38 UTC

Created mingw-pcre2 tracking bugs for this issue:

Affects: fedora-all [bug 2081976]

Comment 9 Lukas Javorsky 2022-05-19 11:18:54 UTC

I've submitted an upstream issue to find out which commits really fix the CVE

https://github.com/PCRE2Project/pcre2/issues/122

Comment 11 errata-xmlrpc 2022-06-28 14:59:46 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5251 https://access.redhat.com/errata/RHSA-2022:5251

Comment 12 Product Security DevOps Team 2022-07-01 10:12:38 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-1587

Note You need to log in before you can comment on or make changes to this bug.

bdettelb
caswilli
dhalasz
dkuc
fjansen
ggastald
hhorak
jburrell
jwong
kaycoth
ljavorsk
manisandro
micjohns
mschorm
psegedy
rfreiman
ryanhammerdick
sbiarozk
sthirugn
tcarlin
tfister
tkasparek
tmeszaro
tsasak
vkrizan
vkumar
vmugicag