Vulnerability Note VU#695940
Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances.
CWE-122: Heap-based Buffer Overflow
From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an extent that, in the process of enlarging (multiplication and addition), causes the 32-bit register/variable to overflow." It may be possible for an attacker to use this overflow to change data in memory.
The complete impact of this vulnerability is not yet known. Since the library is utilized in different ways, the impact is likely to vary depending on vendor. In the worst case, a malicious actor may be able to execute arbitrary code.
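To illustrate the defect class the note describes, the following added example (not code from the Henry Spencer library or any vendor's fix) sizes an allocation from a pattern length with a multiply-and-add in a 32-bit variable; the 3/2 + 1 formula and the oversized length are constructed for the demonstration, not taken from the library. The unchecked version wraps to a tiny buffer, while the checked version refuses the length before any allocation happens.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sizing formula: the buffer for the compiled pattern is
 * computed as len / 2 * 3 + 1 in a 32-bit unsigned.  Once len / 2 * 3
 * exceeds UINT32_MAX the arithmetic wraps silently, so a very long
 * pattern produces a small allocation that is later written past. */
uint32_t unchecked_strip_size(uint32_t len)
{
    return len / 2 * 3 + 1;
}

/* Hardened form: reject the length when either the multiplication or the
 * addition would wrap.  Returns false and leaves *out untouched on overflow. */
bool checked_strip_size(uint32_t len, uint32_t *out)
{
    uint32_t half = len / 2;
    if (half > UINT32_MAX / 3)      /* half * 3 would wrap */
        return false;
    uint32_t mul = half * 3;
    if (mul > UINT32_MAX - 1)       /* mul + 1 would wrap */
        return false;
    *out = mul + 1;
    return true;
}

/* Convenience wrapper: the real size is always >= 1, so 0 signals "refused". */
uint32_t checked_size_or_zero(uint32_t len)
{
    uint32_t size;
    return checked_strip_size(len, &size) ? size : 0;
}

/* How many bytes the wrapped buffer falls short of the pattern itself;
 * a non-zero result is the heap overflow condition. */
uint32_t bytes_short(uint32_t len)
{
    uint32_t size = unchecked_strip_size(len);
    return len > size ? len - size : 0;
}

int main(void)
{
    uint32_t huge = 0xAAAAAAAAu;    /* constructed length: len/2*3 == UINT32_MAX */
    printf("unchecked size for %u bytes: %u (short by %u)\n",
           huge, unchecked_strip_size(huge), bytes_short(huge));
    printf("checked size: %u (0 = refused)\n", checked_size_or_zero(huge));
    return 0;
}
```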
Apply an update
Vendor Information

| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Debian GNU/Linux | Affected | 06 Feb 2015 | 09 Feb 2015 |
| DragonFly BSD Project | Affected | 06 Feb 2015 | 13 Feb 2015 |
| FreeBSD Project | Affected | 06 Feb 2015 | 09 Feb 2015 |
| NetBSD | Affected | 06 Feb 2015 | 09 Feb 2015 |
| Wind River Systems, Inc. | Affected | 06 Feb 2015 | 09 Feb 2015 |
| Check Point Software Technologies | Not Affected | 06 Feb 2015 | 24 Feb 2015 |
| Fortinet, Inc. | Not Affected | 06 Feb 2015 | 27 Feb 2015 |
| Global Technology Associates, Inc. | Not Affected | 06 Feb 2015 | 09 Feb 2015 |
| Juniper Networks, Inc. | Not Affected | 06 Feb 2015 | 09 Feb 2015 |
| OpenBSD | Not Affected | 06 Feb 2015 | 09 Feb 2015 |
| ACCESS | Unknown | 06 Feb 2015 | 06 Feb 2015 |
| Alcatel-Lucent | Unknown | 06 Feb 2015 | 06 Feb 2015 |
| Apple | Unknown | 06 Feb 2015 | 06 Feb 2015 |
| Arch Linux | Unknown | 06 Feb 2015 | 06 Feb 2015 |
| AT&T | Unknown | 06 Feb 2015 | 06 Feb 2015 |
CVSS Metrics
This vulnerability was reported publicly by Guido Vranken.
This document was written by Garret Wassermann.
- CVE IDs: Unknown
- Date Public: 04 Feb 2015
- Date First Published: 13 Feb 2015
- Date Last Updated: 27 Feb 2015
- Document Revision: 28