It was reported that segmentation fault in surricata appeared when certain regex is processed by pcre_exec in libpcre3. Bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050
Created pcre tracking bugs for this issue: Affects: fedora-all [bug 1320996]
Created suricata tracking bugs for this issue: Affects: fedora-all [bug 1321002]
Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 1320998]
Created mingw-glib2 tracking bugs for this issue: Affects: fedora-all [bug 1320999] Affects: epel-7 [bug 1321001]
Created mingw-pcre tracking bugs for this issue: Affects: fedora-all [bug 1320997] Affects: epel-7 [bug 1321000]
Could you please provide reproducer? The debian bug report <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050> is missing the "file" file content. Moreover, the reporter claimed it happens with pcre-8.35 but not with 8.38. We have 8.38 in all supported Fedoras.
CVE assignment: http://seclists.org/oss-sec/2016/q1/704
This was fixes with upstream commit: commit 60f995fc2f823183783633d5eb8af2eceb0bb663 Author: zherczeg <zherczeg@2f5784b3-3f2a-0410-8824-cb99058d5e15> Date: Fri Apr 25 11:59:19 2014 +0000 Fixed an issue with nested table jumps. git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1475 2f5784b3-3f2a-0410-8824-cb99058d5e15 and fixed in subsequent pcre-8.36 release. Reproducer from the commit: $ printf '%s\n%s\n' '/(?:x|(?:(xx|yy)+|x|x|x|x|x)|a|a|a)bc/' 'acb' | ./pcretest -s++ PCRE version 8.35 2014-04-04 re> Segmentation fault (core dumped)
The following post indicates that this issue was introduced in pcre version 8.35 via the following commit: http://vcs.pcre.org/pcre?view=revision&revision=1434 and corrected in 8.36 using the following commit (the same one as pointed out in comment 8 above): http://vcs.pcre.org/pcre?view=revision&revision=1475 Only upstream version 8.35 was affected by this issue. Red Hat products do not currently contain any package that includes pcre version 8.35.