FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pcre -- multiple vulnerabilities

Affected packages
pcre < 8.37

Details

VuXML ID 4a88e3ed-00d3-11e5-a072-d050996490d0
Discovery 2015-04-28
Entry 2015-05-22
Modified 2015-06-07

PCRE development team reports:

A pattern such as "((?2){0,1999}())?", which has a group containing a forward reference repeated a large (but limited) number of times within a repeated outer group that has a zero minimum quantifier, caused incorrect code to be compiled, leading to the error "internal error: previously-checked referenced subpattern not found" when an incorrect memory address was read. This bug was reported as "heap overflow", discovered by Kai Lu of Fortinet's FortiGuard Labs and given the CVE number CVE-2015-2325.

A pattern such as "((?+1)(\1))/" containing a forward reference subroutine call within a group that also contained a recursive back reference caused incorrect code to be compiled. This bug was reported as "heap overflow", discovered by Kai Lu of Fortinet's FortiGuard Labs, and given the CVE number CVE-2015-2326.

References

CVE Name CVE-2015-2325
CVE Name CVE-2015-2326
URL http://www.pcre.org/original/changelog.txt
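An added example, not part of the VuXML entry or of PCRE's own code: a POSIX sh check that compares a PCRE version string against the fixed version 8.37 from the affected-packages line above, useful on hosts where `pkg audit` cannot be run. `pcre-config --version` is PCRE's own tool and is assumed to be on the path when the script is run directly.

```shell
#!/bin/sh
# Fixed version taken from this entry's "Affected packages" line (pcre < 8.37).
PCRE_FIXED_VERSION="8.37"

# version_lt A B: exit 0 when dotted version A sorts before B (8.9 < 8.37 is false,
# since components are compared numerically, not as strings).
version_lt() {
    v1=$1; v2=$2
    while [ -n "$v1" ] || [ -n "$v2" ]; do
        c1=${v1%%.*}; c2=${v2%%.*}
        # Drop the consumed component, or empty the string on the last one.
        [ "$c1" = "$v1" ] && v1="" || v1=${v1#*.}
        [ "$c2" = "$v2" ] && v2="" || v2=${v2#*.}
        # Strip any trailing non-digit suffix and treat a missing component as 0.
        c1=${c1%%[!0-9]*}; c2=${c2%%[!0-9]*}
        c1=${c1:-0}; c2=${c2:-0}
        [ "$c1" -lt "$c2" ] && return 0
        [ "$c1" -gt "$c2" ] && return 1
    done
    return 1
}

# pcre_vulnerable VERSION: exit 0 when VERSION is in this entry's affected range.
pcre_vulnerable() {
    version_lt "$1" "$PCRE_FIXED_VERSION"
}

# pcre_report VERSION: human-readable verdict; always exits 0 so it is safe under set -e.
pcre_report() {
    if pcre_vulnerable "$1"; then
        echo "pcre $1: affected by CVE-2015-2325 / CVE-2015-2326 (fixed in $PCRE_FIXED_VERSION)"
    else
        echo "pcre $1: not affected"
    fi
    return 0
}

# When run as a script, query the installed library through PCRE's own pcre-config.
if installed=$(pcre-config --version 2>/dev/null); then
    pcre_report "$installed"
else
    echo "pcre-config not found; call pcre_report with a version string" >&2
fi
```

On FreeBSD itself, `pkg audit -F` performs the same check against the full VuXML database.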