Published: 01 April 2015
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
CVSS 3 base score: 7.8
Launchpad, Ubuntu, Debian
|Ubuntu 14.04 ESM (Trusty Tahr)||
Unable to trigger the overflow in Vivid, Utopic, or Trusty.
seyeongkim reports that he was able to reproduce the issue on vivid and wily
valgrind does show an invalid read, even if it doesn't end in a crash
can't reproduce on precise
was supposed to be fixed in wily (2:8.35-7ubuntu2) but got reverted in (2:8.35-7ubuntu5) by mistake
CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch in jessie