Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-2903

Опубликовано: 22 фев. 2026
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name: febeb977936f9519a25d9fbd10ff8256358cdb97. It is suggested to install a patch to address this issue.

A flaw was found in re2c. A local user can exploit this vulnerability by manipulating the check_and_merge_special_rules function. This manipulation causes a null pointer dereference, which can lead to a denial of service (DoS).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 8re2cNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2441707re2c: re2c: Denial of Service via null pointer dereference

EPSS

Процентиль: 4%
0.00017
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-2903

CVSS3: 3.3
ubuntu
около 1 месяца назад

A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name: febeb977936f9519a25d9fbd10ff8256358cdb97. It is suggested to install a patch to address this issue.

nvd логотип

CVE-2026-2903

CVSS3: 3.3
nvd
около 1 месяца назад

A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name: febeb977936f9519a25d9fbd10ff8256358cdb97. It is suggested to install a patch to address this issue.

debian логотип

CVE-2026-2903

CVSS3: 3.3
debian
около 1 месяца назад

A flaw has been found in skvadrik re2c up to 4.4. Impacted is the func ...

github логотип

GHSA-7948-p5vf-r2m4

CVSS3: 3.3
github
около 1 месяца назад

A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name: febeb977936f9519a25d9fbd10ff8256358cdb97. It is suggested to install a patch to address this issue.

EPSS

Процентиль: 4%
0.00017
Низкий

3.3 Low

CVSS3