oss-sec mailing list archives

Re: CVE-2017-16231: PCRE 8.41 match() stack overflow; CVE-2017-16232: LibTIFF 4.0.8 memory leaks


From: Agostino Sarubbo <ago () gentoo org>
Date: Wed, 01 Nov 2017 16:29:32 +0100

On Wednesday 1 November 2017 03:26:56 CET 旺仔 wrote:
[Suggested description]
In PCRE 8.41,
after compiling, a pcretest load test PoC produces a crash overflow
in the function match() in pcre_exec.c because of a self-recursive call.



------------------------------------------



[Vulnerability Type]
Buffer Overflow



------------------------------------------



[Vendor of Product]
Perl Compatible Regular Expressions



------------------------------------------



[Affected Product Code Base]
PCRE - 8.41



------------------------------------------



[Affected Component]
file:pcre_exec.c
function match() line 983 and line 2061



------------------------------------------



[Attack Type]
Local



------------------------------------------



[Impact Denial of Service]
true



------------------------------------------



[Attack Vectors]
A crash file



------------------------------------------



[Discoverer]
ZHANG JIAWANG from cncert


Use CVE-2017-16231.

I guess that this bug is similar to or the same as the one described here:
https://bugs.exim.org/show_bug.cgi?id=2047

Based on the upstream comment I'd suggest rejecting the CVE.
-- 
Agostino Sarubbo
Gentoo Linux Developer

