CVE-2014-9769 - OpenCVE

pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pcre	Pcre

Configuration 1 [-]

cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://vcs.pcre.org/pcre?view=revision&revision=1475
http://www.openwall.com/lists/oss-security/2016/03/26/1
http://www.securityfocus.com/bid/85570
http://www.securitytracker.com/id/1035424
https://bugs.debian.org/819050
https://nvd.nist.gov/vuln/detail/CVE-2014-9769
https://redmine.openinfosecfoundation.org/issues/1693
https://www.cve.org/CVERecord?id=CVE-2014-9769

History

No history.

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2016-03-28T16:00:00

Updated: 2024-08-06T13:55:04.649Z

Reserved: 2016-03-28T00:00:00

Link: CVE-2014-9769

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-03-28T16:59:00.113

Modified: 2016-12-03T03:02:15.143

Link: CVE-2014-9769

Redhat

Severity : Moderate

Publid Date: 2016-03-23T00:00:00Z

Links: CVE-2014-9769 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-25T00:00:00", "descriptions": [{"lang": "en", "value": "pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-30T18:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://vcs.pcre.org/pcre?view=revision&revision=1475"}, {"name": "85570", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/85570"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://redmine.openinfosecfoundation.org/issues/1693"}, {"name": "1035424", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035424"}, {"name": "[oss-security] 20160326 CVE Request: pcre: Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/03/26/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/819050"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2014-9769", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://vcs.pcre.org/pcre?view=revision&revision=1475", "refsource": "CONFIRM", "url": "http://vcs.pcre.org/pcre?view=revision&revision=1475"}, {"name": "85570", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85570"}, {"name": "https://redmine.openinfosecfoundation.org/issues/1693", "refsource": "CONFIRM", "url": "https://redmine.openinfosecfoundation.org/issues/1693"}, {"name": "1035424", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035424"}, {"name": "[oss-security] 20160326 CVE Request: pcre: Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/03/26/1"}, {"name": "https://bugs.debian.org/819050", "refsource": "CONFIRM", "url": "https://bugs.debian.org/819050"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:55:04.649Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://vcs.pcre.org/pcre?view=revision&revision=1475"}, {"name": "85570", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/85570"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/1693"}, {"name": "1035424", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035424"}, {"name": "[oss-security] 20160326 CVE Request: pcre: Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/03/26/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.debian.org/819050"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2014-9769", "datePublished": "2016-03-28T16:00:00", "dateReserved": "2016-03-28T00:00:00", "dateUpdated": "2024-08-06T13:55:04.649Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pcre:pcre:8.35:*:*:*:*:*:*:*", "matchCriteriaId": "9DA3CC4F-1797-46D8-8C3D-0605E71C5EAE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset."}, {"lang": "es", "value": "pcre_jit_compile.c en PCRE 8.35 no utiliza correctamente saltos de tabla para optimizar alternativas anidadas, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria de pila) o posiblemente tener otro impacto no especificado a trav\u00e9s de una cadena manipulada, seg\u00fan lo demostrado por paquetes encontrados por Suricata durante el uso de una expresi\u00f3n regular en un conjunto de reglas Emerging Threats Open."}], "id": "CVE-2014-9769", "lastModified": "2016-12-03T03:02:15.143", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-28T16:59:00.113", "references": [{"source": "security@debian.org", "url": "http://vcs.pcre.org/pcre?view=revision&revision=1475"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2016/03/26/1"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/85570"}, {"source": "security@debian.org", "url": "http://www.securitytracker.com/id/1035424"}, {"source": "security@debian.org", "url": "https://bugs.debian.org/819050"}, {"source": "security@debian.org", "url": "https://redmine.openinfosecfoundation.org/issues/1693"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "pcre: incorrect nested table jumps when JIT is used (8.36/6)", "id": "1320995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1320995"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset."], "name": "CVE-2014-9769", "package_state": [{"cpe": "cpe:/a:redhat:directory_server:8", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Directory Server 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "glib2", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "virtuoso-opensource", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Not affected", "package_name": "pcre", "product_name": "Red Hat JBoss Enterprise Web Server 3"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "php54-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "php55-php", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-mariadb100-mariadb", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-mariadb101-mariadb", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-php56-php", "product_name": "Red Hat Software Collections"}], "public_date": "2016-03-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-9769\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-9769"], "threat_severity": "Moderate", "upstream_fix": "pcre 8.36"}