Lucene search

PRIOn knowledge basePRION:CVE-2017-9228

HistoryMay 24, 2017 - 3:29 p.m.

Heap overflow

2017-05-2415:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.9%

JSON

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it’s used as an index, resulting in an out-of-bounds write memory corruption.

CPENameOperatorVersion
onigurumaeq6.2.0
phpge7.1.0
phplt7.1.7
phpge7.0.0
phplt7.0.21
phpge5.6.0
phplt5.6.31

Name	Operator	Version
oniguruma	eq	6.2.0
php	ge	7.1.0
php	lt	7.1.7
php	ge	7.0.0
php	lt	7.0.21
php	ge	5.6.0
php	lt	5.6.31

References

access.redhat.com/errata/RHSA-2018:1296

github.com/kkos/oniguruma/commit/3b63d12038c8d8fc278e81c942fa9bec7c704c8b

github.com/kkos/oniguruma/issues/60