Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 702012 (CVE-2019-19012, CVE-2019-19203, CVE-2019-19204) - <dev-libs/oniguruma-6.9.4: multiple vulnerabilities (CVE-2019-{19012,19203,19204})
Summary: <dev-libs/oniguruma-6.9.4: multiple vulnerabilities (CVE-2019-{19012,19203,19...
Status: IN_PROGRESS
Alias: CVE-2019-19012, CVE-2019-19203, CVE-2019-19204
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa?]
Keywords: STABLEREQ
Depends on:
Blocks:
 
Reported: 2019-12-05 02:28 UTC by GLSAMaker/CVETool Bot
Modified: 2020-01-26 05:09 UTC (History)
1 user (show)

See Also:
Package list:
dev-libs/oniguruma-6.9.4
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-12-05 02:28:34 UTC
CVE-2019-19012 (https://nvd.nist.gov/vuln/detail/CVE-2019-19012):
  An integer overflow in the search_in_range function in regexec.c in
  Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the
  offset of this read is under the control of an attacker. (This only affects
  the 32-bit compiled version). Remote attackers can cause a denial-of-service
  or information disclosure, or possibly have unspecified other impact, via a
  crafted regular expression.

CVE-2019-19203 (https://nvd.nist.gov/vuln/detail/CVE-2019-19203):
  An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function
  gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced
  without checking if it passed the end of the matched string. This leads to a
  heap-based buffer over-read.

CVE-2019-19204 (https://nvd.nist.gov/vuln/detail/CVE-2019-19204):
  An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function
  fetch_interval_quantifier (formerly known as fetch_range_quantifier) in
  regparse.c, PFETCH is called without checking PEND. This leads to a
  heap-based buffer over-read.
Comment 1 Agostino Sarubbo gentoo-dev 2019-12-05 08:38:59 UTC
amd64 stable
Comment 2 Rolf Eike Beer 2019-12-06 21:36:23 UTC
hppa/sparc stable
Comment 3 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-12-08 15:52:25 UTC
arm64 stable
Comment 4 Sergei Trofimovich gentoo-dev 2019-12-08 23:41:48 UTC
ia64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2019-12-09 07:49:50 UTC
s390 stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-12-09 08:49:11 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-12-09 12:10:44 UTC
ppc64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-12-10 12:19:38 UTC
ppc stable
Comment 9 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-12-24 15:10:06 UTC
arm stable