Описание
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | erlang | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | erlang | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | erlang | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) | erlang | Will not fix | ||
| Red Hat OpenStack Platform 11 (Ocata) | erlang | Will not fix | ||
| Red Hat OpenStack Platform 12 (Pike) | erlang | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) | erlang | Will not fix | ||
| Red Hat OpenStack Platform 9 (Mitaka) | erlang | Will not fix | ||
| Red Hat Storage Console 2 | erlang | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
4.4 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ...
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to.
EPSS
4.4 Medium
CVSS3