{"id":"CVE-2017-9229","details":"An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg-\u003edmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.","modified":"2026-04-16T06:16:08.734461143Z","published":"2017-05-24T15:29:00.417Z","related":["SUSE-SU-2017:3237-1","SUSE-SU-2017:3277-1","SUSE-SU-2018:0003-1","SUSE-SU-2020:1570-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"type":"FIX","url":"https://github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d"},{"type":"EVIDENCE","url":"https://github.com/kkos/oniguruma/issues/59"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kkos/oniguruma","events":[{"introduced":"0"},{"last_affected":"c4ce370f5754b34321c7f87cdc6f198864221eca"},{"fixed":"b690371bbf97794b4a1d3f295d4fb9a8b05d402d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.2.0"}]}},{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"last_affected":"5d08c710749096291e294afd641e4429760c6c6e"},{"introduced":"fc1df8e7a6886e29a6ed5bef3f674ac61164e847"},{"fixed":"de96a08a90e480f1afb655bcfeac8ac28a14228e"},{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"8a79ce6c8b9d309573993ce332f3951ea1947e2f"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"73915a2bd61f21fd809b4d50af9aba950f43e807"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"7.1.5"},{"introduced":"5.6.0"},{"fixed":"5.6.31"},{"introduced":"7.0.0"},{"fixed":"7.0.21"},{"introduced":"7.1.0"},{"fixed":"7.1.7"}]}},{"type":"GIT","repo":"https://github.com/ruby/ruby","events":[{"introduced":"0"},{"last_affected":"820605ba3c10b9f4dafc4e5d6e09765b8b31cbea"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.1"}]}}],"versions":["POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","php-7.0.21RC1","php-7.1.5","php-7.1.5RC1","php-7.1.7RC1","v1_0_r2","v2_4_1","v5.9.6","v6.0.0","v6.1.0","v6.1.1","v6.1.2","v6.1.3","v6.2.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9229.json","vanir_signatures":[{"signature_type":"Function","source":"https://github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d","deprecated":false,"target":{"function":"forward_search_range","file":"src/regexec.c"},"signature_version":"v1","id":"CVE-2017-9229-2b3e9cd2","digest":{"length":3086,"function_hash":"105094539439841922480547185931894644113"}},{"deprecated":false,"source":"https://github.com/php/php-src/commit/73915a2bd61f21fd809b4d50af9aba950f43e807","signature_type":"Function","target":{"function":"compile_bracket_matchingpath","file":"ext/pcre/pcrelib/pcre_jit_compile.c"},"signature_version":"v1","id":"CVE-2017-9229-343f4c1a","digest":{"length":13872,"function_hash":"233037532068098537505988791132617368492"}},{"signature_type":"Line","source":"https://github.com/kkos/oniguruma/commit/b690371bbf97794b4a1d3f295d4fb9a8b05d402d","deprecated":false,"target":{"file":"src/regexec.c"},"signature_version":"v1","id":"CVE-2017-9229-7c84093e","digest":{"threshold":0.9,"line_hashes":["238193524994326941537268933406975216315","323539855602310814567028195441961855234","219948217909986542639566319432215472492","29692786740800380382408848046168031926","297123705308508685111363668584463538286","35490740505333762553166574200435388724","206860580592534291063270562780357167672","231276264933485246742963358198498899993","223498094614570401752945301332299570037","241074634920618019596635727660223892802","302066423732294138736347109270700250069","223933234807833074803479263502432519355","250386841442677365720412883020285542002","23757839308301754900811200943268626812","36125937906016925669278558201631510719"]}},{"signature_type":"Line","source":"https://github.com/php/php-src/commit/73915a2bd61f21fd809b4d50af9aba950f43e807","deprecated":false,"target":{"file":"ext/pcre/pcrelib/pcre_jit_compile.c"},"signature_version":"v1","id":"CVE-2017-9229-cfd9dfdb","digest":{"threshold":0.9,"line_hashes":["41612049881914751775057704412356952022","206133687184829194312361432760839012982","60469889591596012334583203454317370370","317056786488417399517652373716894105276"]}}],"vanir_signatures_modified":"2026-04-11T04:59:35Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}