Mageni: free and open-source vulnerability scanning, assessment, and management.
Debian LTS: Security Advisory for libonig (DLA-2431-1)
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
The remote host is missing an update for the 'libonig' package(s) announced via the DLA-2431-1 advisory.
Insight
Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring.

CVE-2019-13224: A use-after-free in onig_new_deluxe() in regext.c allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe().

CVE-2019-16163: Oniguruma allows stack exhaustion in regcomp.c because of recursion in regparse.c.

CVE-2019-19012: An integer overflow in the search_in_range function in regexec.c in Oniguruma leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version.) Remote attackers can cause a denial of service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.

CVE-2019-19203: An issue was discovered in Oniguruma. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.

CVE-2019-19204: An issue was discovered in Oniguruma. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.

CVE-2019-19246: Oniguruma has a heap-based buffer over-read in str_lower_case_match in regexec.c.

CVE-2020-26159: In Oniguruma, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c.
Affected Software
'libonig' package(s) on Debian Linux.
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
For Debian 9 stretch, these problems have been fixed in version 6.1.3-2+deb9u1. We recommend that you upgrade your libonig packages.
Common Vulnerabilities and Exposures (CVE)
- CVE-2019-13224
- CVE-2019-16163
- CVE-2019-19012
- CVE-2019-19203
- CVE-2019-19204
- CVE-2019-19246
- CVE-2020-26159
References
- https://lists.debian.org/debian-lts-announce/2020/11/msg00006.html
- https://security-tracker.debian.org/tracker/DLA-2431-1
- https://bugs.debian.org/931878
- https://bugs.debian.org/939988
- https://bugs.debian.org/944959
- https://bugs.debian.org/945312
- https://bugs.debian.org/945313
- https://bugs.debian.org/946344
- https://bugs.debian.org/972113