{"id":"MGASA-2020-0029","summary":"Updated oniguruma packages fix security vulnerabilities","details":"Updated oniguruma packages fix security vulnerabilities:\n\nA use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2\nallows attackers to potentially cause information disclosure, denial\nof service, or possibly code execution by providing a crafted regular\nexpression. The attacker provides a pair of a regex pattern and a string,\nwith a multi-byte encoding that gets handled by onig_new_deluxe()\n(CVE-2019-13224).\n\nA NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2\nallows attackers to potentially cause denial of service by providing a\ncrafted regular expression (CVE-2019-13225).\n\nOniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of\nrecursion in regparse.c (CVE-2019-16163).\n\nAn integer overflow in the search_in_range function in regexec.c leads to\nan out-of-bounds read, in which the offset of this read is under the\ncontrol of an attacker. (This only affects the 32-bit compiled version).\nRemote attackers can cause a denial-of-service or information disclosure,\nor possibly have unspecified other impact, via a crafted regular expression\n(CVE-2019-19012).\n\nAn issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function\ngb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced\nwithout checking if it passed the end of the matched string. This leads to\na heap-based buffer over-read (CVE-2019-19203).\n\nIn the function fetch_range_quantifier in regparse.c, PFETCH is called\nwithout checking PEND. This leads to a heap-based buffer over-read and\ncan lead to denial-of-service via a crafted regular expression\n(CVE-2019-19204).\n\nHeap-based buffer over-read in str_lower_case_match in regexec.c can lead\nto denial-of-service via a crafted regular expression (CVE-2019-19246).\n","modified":"2026-02-04T02:56:19.455597Z","published":"2020-01-11T23:52:04Z","related":["CVE-2019-13224","CVE-2019-13225","CVE-2019-16163","CVE-2019-19012","CVE-2019-19203","CVE-2019-19204","CVE-2019-19246"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0029.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25843"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NWOWZZNFSAWM3BUTQNAE3PD44A6JU4KE/"},{"type":"REPORT","url":"https://www.debian.org/lts/security/2019/dla-2020"},{"type":"REPORT","url":"https://security-tracker.debian.org/tracker/CVE-2019-19203"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/"}],"affected":[{"package":{"name":"oniguruma","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/oniguruma?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.9.4-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0029.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}