CVE-2017-9228

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-9228
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9228.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-9228
Downstream
Related
Published
2017-05-24T15:29:00Z
Modified
2025-10-10T01:12:18.263207Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parsecharclass() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption.

References

Affected packages

Git / github.com/kkos/oniguruma

Affected ranges

Type
GIT
Repo
https://github.com/kkos/oniguruma
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3b63d12038c8d8fc278e81c942fa9bec7c704c8b
Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
fc1df8e7a6886e29a6ed5bef3f674ac61164e847
Fixed
de96a08a90e480f1afb655bcfeac8ac28a14228e

Affected versions

v5.*

v5.9.6

v6.*

v6.0.0
v6.1.0
v6.1.1
v6.1.2
v6.1.3

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2017-9228-76affd58",
            "digest": {
                "line_hashes": [
                    "137584815735396322363988031431915161481",
                    "333494754384487831514448708681268998912",
                    "146133796272021099976876320362250733552",
                    "333557439717205834644043090230902438066"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/regparse.c"
            },
            "source": "https://github.com/kkos/oniguruma/commit/3b63d12038c8d8fc278e81c942fa9bec7c704c8b",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line"
        },
        {
            "id": "CVE-2017-9228-f4e5b971",
            "digest": {
                "length": 523.0,
                "function_hash": "101840422994517572473954624738540707486"
            },
            "target": {
                "function": "next_state_class",
                "file": "src/regparse.c"
            },
            "source": "https://github.com/kkos/oniguruma/commit/3b63d12038c8d8fc278e81c942fa9bec7c704c8b",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function"
        }
    ]
}