CVE-2019-19012
published 2019-11-17CVE-2019-19012: An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this…
PriorityP347critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
10.54%
95.2th percentile
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libonig | < libonig 6.9.4-1 (bookworm) | libonig 6.9.4-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| oniguruma_project | oniguruma | — | — |
| oniguruma_project | oniguruma | 6.0.0 – 6.9.3 | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8LOW
vendor_redhat9.8CRITICAL
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
libonig vulnerabilities
osv·2022-10-10·CVSS 7.5
CVE-2019-16163 [HIGH] libonig vulnerabilities
libonig vulnerabilities
It was discovered that Oniguruma incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service, obtain sensitive information or other unspecified impact. This issue
only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-16163,
CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)
It was discovered that Oniguruma incorrectly handled memory when using certain
UChar pointers. An attacker could possibly use this issue to cause a denial of
service or sensitive information disclosure. (CVE-2019-19203)
GHSA
GHSA-5mw9-mr3r-536c: An integer overflow in the search_in_range function in regexec
ghsa_unreviewed·2022-05-24
CVE-2019-19012 [HIGH] GHSA-5mw9-mr3r-536c: An integer overflow in the search_in_range function in regexec
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
OSV
libonig vulnerabilities
osv·2020-08-17·CVSS 7.5
CVE-2019-16163 [HIGH] libonig vulnerabilities
libonig vulnerabilities
It was discovered that Oniguruma incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service, obtain sensitive information or other unspecified impact.
(CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)
OSV
CVE-2019-19012: An integer overflow in the search_in_range function in regexec
osv·2019-11-17·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012: An integer overflow in the search_in_range function in regexec
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
Ubuntu
Oniguruma vulnerabilities
vendor_ubuntu·2022-10-10·CVSS 7.5
CVE-2019-19012 [HIGH] Oniguruma vulnerabilities
Title: Oniguruma vulnerabilities
Summary: Several security issues were fixed in Oniguruma.
It was discovered that Oniguruma incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service, obtain sensitive information or other unspecified impact. This issue
only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-16163,
CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)
It was discovered that Oniguruma incorrectly handled memory when using certain
UChar pointers. An attacker could possibly use this issue to cause a denial of
service or sensitive information disclosure. (CVE-2019-19203)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Oniguruma vulnerabilities
vendor_ubuntu·2020-08-17·CVSS 7.5
CVE-2019-16163 [HIGH] Oniguruma vulnerabilities
Title: Oniguruma vulnerabilities
Summary: Several security issues were fixed in Oniguruma.
It was discovered that Oniguruma incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service, obtain sensitive information or other unspecified impact.
(CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
vendor_redhat·2019-11-08·CVSS 9.8
CVE-2019-19012 [CRITICAL] CWE-190 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
An integer overflow vulnerability leading to an out-of-bounds read was found in the way Oniguruma handled regular expression quantifiers. A remote attacker could abuse this flaw by providing a malformed regular expression that, when processed by an application linked to Oniguruma, could crash the ap
Debian
CVE-2019-19012: libonig - An integer overflow in the search_in_range function in regexec.c in Oniguruma 6....
vendor_debian·2019·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012: libonig - An integer overflow in the search_in_range function in regexec.c in Oniguruma 6....
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
Scope: local
bookworm: resolved (fixed in 6.9.4-1)
bullseye: resolved (fixed in 6.9.4-1)
forky: resolved (fixed in 6.9.4-1)
sid: resolved (fixed in 6.9.4-1)
trixie: resolved (fixed in 6.9.4-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [openstack-rdo]
bugzilla·2020-03-17·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [openstack-rdo]
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [openstack-rdo]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of openstack-rdo.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Bugzilla
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [epel-7]
bugzilla·2020-02-12·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [epel-7]
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Bugzilla
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds [fedora-30]
bugzilla·2020-02-12·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds [fedora-30]
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds [fedora-30]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-30.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Bugzilla
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
bugzilla·2020-02-12·CVSS 9.8
CVE-2019-19012 [CRITICAL] CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
CVE-2019-19012 oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.
Reference:
https://github.com/kkos/oniguruma/issues/164
https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
https://github.com/tarantula-team/CVE-2019-19012
Discussion:
Created oniguruma tracking bugs for this issue:
Affects: epel-7 [bug 1802053]
Affects: fedora-30 [bug 18020
https://github.com/kkos/oniguruma/issues/164https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2https://github.com/tarantula-team/CVE-2019-19012https://lists.debian.org/debian-lts-announce/2019/12/msg00002.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/https://usn.ubuntu.com/4460-1/https://github.com/kkos/oniguruma/issues/164https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2https://github.com/tarantula-team/CVE-2019-19012https://lists.debian.org/debian-lts-announce/2019/12/msg00002.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/https://usn.ubuntu.com/4460-1/
2019-11-17
Published