VDB
MAGEIA-2018-49
MAGEIA-2018-49
PUBLISHED
Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote attacker to cause a denial of service via a specially crafted regular expression with the case-insensitive modifier (CVE-2017-12837). Jakub Wilk reported a buffer over-read flaw in the regular expression parser, allowing a remote attacker to cause a denial of service or information leak (CVE-2017-12883).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | userdrake | 0, 2.17-1.1.mga6 |
| Mageia | libuser | 0, 0.62-8.2.mga6 |
| Mageia | perl | 5.22.3-3.1.mga6, 0, 5.22.3-3.1.mga6 |
Timeline
- Jan 3, 2018 CVE Updated
- Jan 3, 2018 CVE Published
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory
References
- Updated perl packages fix security vulnerability advisory
- Updated perl packages fix security vulnerability advisory
- Updated perl packages fix security vulnerability issue
- Updated libuser packages fix bugs if home directory exists when creating a new user advisory
- Updated libuser packages fix bugs if home directory exists when creating a new user issue