Arch Linux: ASA-201411-29 Low: pcre Heap Buffer Overflow Denial Of Service
Nov 26, 2014
•
LinuxSecurity Advisories
1 min read
The package pcre before version 8.36-2 is vulnerable to denial of service via a heap buffer overlow.
Arch Linux Security Advisory ASA-201411-29 ========================================= Severity: Low Date : 2014-11-26 CVE-ID : CVE-2014-8964 Package : pcre Type : heap buffer overflow Remote : No Link : https://wiki.archlinux.org/title/CVE-2014 Summary ====== The package pcre before version 8.36-2 is vulnerable to denial of service via a heap buffer overlow. Resolution ========= Upgrade to 8.36-2. # pacman -Syu "pcre>=8.36-2" The problem has been fixed upstream but no version released yet. Workaround ========= None. Description ========== A heap buffer overflow issue was found in PCRE when processing a specially crafted regular expression, causing a denial of service or other unspecified impact. Impact ===== An attacker able to supply a specially crafted regular expression can cause a denial of service, or other unspecified impact. References ========= http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8964 https://bugs.archlinux.org/task/42860
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!