Name | CVE-2019-19203 |
Description | An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-2431-1 |
Debian Bugs | 945312 |
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|
libonig (PTS) | jessie, jessie (lts) | 5.9.5-3.2+deb8u6 | vulnerable |
| stretch (security), stretch (lts), stretch | 6.1.3-2+deb9u2 | fixed |
| buster | 6.9.1-1 | vulnerable |
| bullseye | 6.9.6-1.1 | fixed |
| bookworm | 6.9.8-1 | fixed |
| sid, trixie | 6.9.9-1 | fixed |
The information below is based on the following data on fixed versions.
Notes
[buster] - libonig <no-dsa> (Minor issue)
[jessie] - libonig <ignored> (Minor issue, not reproducible, non-trivial backport)
https://github.com/kkos/oniguruma/issues/163
https://github.com/kkos/oniguruma/commit/aa0188eaedc056dca8374ac03d0177429b495515 (v6.9.4_rc2)
Only exploitable with attacker-provided pattern
[wheezy] - libonig <ignored> (not reproducible, non-trivial backport)