Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2017-16231

Published: August 31, 2023Last modified: August 31, 2023

Description

** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.

Severity score breakdown

ParameterValue
Base score5.5
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityNONE
Integrity impactNONE
Availability impactHIGH
VectorCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSpcreNot affected (8.45-r2)
tiffNot affected (4.4.0-r4)
StreampcreNot affected (8.45-r3)
tiffNot affected (4.5.1-r0)

References

ON THIS PAGE