An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat() during regular expression searching. A logical error involving order of validation and access in matchat() could result in an out-of-bounds read from a stack buffer.
{
  "vanir_signatures": [
    {
      "id": "CVE-2017-9224-4e7c3a81",
      "digest": {
        "line_hashes": [
          "218275574838915329428894979863676023579",
          "110376745905432703800914764257437607206",
          "320066072742789064155736675079030765698",
          "136023353432955758296444224254897665712",
          "283348006629708797105129985095973840520",
          "263955851575144037512564373773188411580",
          "101836692004798677941713213678481189101",
          "93792859032957038648003350962208405452",
          "276724385951229306965048612161485230063",
          "77619366922882625014828695891397227529",
          "95649270530021035589215734886776241323"
        ],
        "threshold": 0.9
      },
      "target": {
        "file": "src/regexec.c"
      },
      "source": "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b",
      "signature_version": "v1",
      "deprecated": false,
      "signature_type": "Line"
    }
  ]
}