Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 575546 (ZDI-CAN-3542) - <dev-libs/libpcre-8.38-r1: stack buffer overflow for (*ACCEPT) with deeply nested parentheses
Summary: <dev-libs/libpcre-8.38-r1: stack buffer overflow for (*ACCEPT) with deeply ne...
Alias: ZDI-CAN-3542
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A2 [glsa]
Depends on:
Blocks: CVE-2016-1283
  Show dependency tree
Reported: 2016-02-24 11:48 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2016-10-10 11:57 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-24 11:48:27 UTC
ZDI-CAN-3542: PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability

-- CVSS -----------------------------------------

5.1, AV:N/AC:H/Au:N/C:P/I:P/A:P

-- ABSTRACT -------------------------------------

HP's Zero Day Initiative has identified a vulnerability affecting the following products:


-- VULNERABILITY DETAILS ------------------------

Tested on Linux.

PCRE does not validate that handling the (*ACCEPT) verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow.
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-24 11:50:17 UTC
The issue is fixed upstream in pcre and pcre2 via the following commits:
Comment 2 SpanKY gentoo-dev 2016-04-02 20:51:49 UTC
added upstream patches; should be fined to stable:
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2016-06-20 10:32:06 UTC
@arches, please stabilize:

Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2016-06-20 10:33:18 UTC
Added to existing GLSA.
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2016-06-20 10:52:18 UTC
Stable on alpha.
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2016-06-21 11:22:52 UTC
Stable for HPPA PPC64.
Comment 7 Markus Meier gentoo-dev 2016-06-26 18:33:34 UTC
arm stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-06-27 08:25:35 UTC
amd64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-06-27 08:49:05 UTC
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-07-08 07:55:42 UTC
ppc stable
Comment 11 Agostino Sarubbo gentoo-dev 2016-07-08 10:04:13 UTC
sparc stable
Comment 12 Agostino Sarubbo gentoo-dev 2016-07-08 12:03:45 UTC
ia64 stable
Comment 13 Aaron Bauman (RETIRED) gentoo-dev 2016-07-08 14:44:53 UTC
Removing unstable arches.

@maintainer(s), please cleanup.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2016-07-09 02:12:14 UTC
This issue was resolved and addressed in
 GLSA 201607-02 at
by GLSA coordinator Aaron Bauman (b-man).
Comment 15 Aaron Bauman (RETIRED) gentoo-dev 2016-07-09 02:13:25 UTC
Re-opening for cleanup.

@maintainer(s), please cleanup the vulnerable versions.
Comment 16 Aaron Bauman (RETIRED) gentoo-dev 2016-07-16 00:19:05 UTC
@maintainers, bump for cleanup.
Comment 17 Yury German Gentoo Infrastructure gentoo-dev 2016-09-10 01:01:54 UTC
Maintainer(s), please drop the vulnerable version(s).

Version: 8.38 : 3
Comment 18 Aaron Bauman (RETIRED) gentoo-dev 2016-10-10 11:32:17 UTC
Any reason these cannot be cleaned?
Comment 19 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-10-10 11:39:17 UTC
commit fb22a9ea0a8b6b4e3911d5360779c9740df08f46
Author: Lars Wendler <>
Date:   Mon Oct 10 13:37:59 2016

    dev-libs/libpcre: Security cleanup (bug #575546).

    Package-Manager: portage-2.3.1
    Signed-off-by: Lars Wendler <>
Comment 20 Aaron Bauman (RETIRED) gentoo-dev 2016-10-10 11:57:17 UTC
Thanks again!