What is the severity of REDHAT-BUG-384801?

REDHAT-BUG-384801 is categorized as a major bug that can lead to incorrect memory computation when compiling patterns.

How do I fix REDHAT-BUG-384801?

To resolve REDHAT-BUG-384801, you should update to the latest version of the PCRE library that addresses this memory computation issue.

What does REDHAT-BUG-384801 affect?

REDHAT-BUG-384801 affects the PCRE library, specifically versions prior to the fix provided in version 7.0.

Is REDHAT-BUG-384801 a security vulnerability?

While REDHAT-BUG-384801 is a significant bug, it is focused on memory computation rather than direct security exploitation.

What are the potential risks of not addressing REDHAT-BUG-384801?

Failing to address REDHAT-BUG-384801 may lead to unpredictable behavior in applications relying on PCRE for pattern matching, potentially causing crashes or memory leaks.

Vulnerability/
REDHAT-BUG-384801

high

15/11/2007

11/5/2023

REDHAT-BUG-384801

First published: Thu Nov 15 2007(Updated: )

From pcre changelog, version 7.0: 4. Fixed a major bug that caused incorrect computation of the amount of memory required for a compiled pattern when options that changed within the pattern affected the logic of the preliminary scan that determines the length. The relevant options are -x, and -i in UTF-8 mode. The result was that the computed length was too small. The symptoms of this bug were either the PCRE error "internal error: code overflow" from pcre_compile(), or a glibc crash with a message such as "pcretest: free(): invalid next size (fast)". Examples of patterns that provoked this bug (shown in pcretest format) are: /(?-x: )/x /(?x)(?-x: \s*#\s*)/ /((?i)[\x{c0}])/8 /(?i:[\x{c0}])/8 HOWEVER: Change 17 below makes this fix obsolete as the memory computation is now done differently. Acknowledgements: Red Hat would like to thank Ludwig Nussel for reporting this issue.

Affected Software	Affected Version	How to fix
PCRE

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-384801?
REDHAT-BUG-384801 is categorized as a major bug that can lead to incorrect memory computation when compiling patterns.
How do I fix REDHAT-BUG-384801?
To resolve REDHAT-BUG-384801, you should update to the latest version of the PCRE library that addresses this memory computation issue.
What does REDHAT-BUG-384801 affect?
REDHAT-BUG-384801 affects the PCRE library, specifically versions prior to the fix provided in version 7.0.
Is REDHAT-BUG-384801 a security vulnerability?
While REDHAT-BUG-384801 is a significant bug, it is focused on memory computation rather than direct security exploitation.
What are the potential risks of not addressing REDHAT-BUG-384801?
Failing to address REDHAT-BUG-384801 may lead to unpredictable behavior in applications relying on PCRE for pattern matching, potentially causing crashes or memory leaks.

collector/redhat-bugzilla
alias/CVE-2006-7230
agent/type
agent/last-modified-date
agent/first-publish-date
agent/event
agent/references
agent/severity
agent/description
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/pcre
canonical/pcre

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.