An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath() function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libpcre2-32-0": "10.31-2ubuntu0.1~esm1", "libpcre2-dev": "10.31-2ubuntu0.1~esm1", "libpcre2-8-0": "10.31-2ubuntu0.1~esm1", "libpcre2-16-0": "10.31-2ubuntu0.1~esm1", "libpcre2-dbg": "10.31-2ubuntu0.1~esm1", "libpcre2-8-0-udeb": "10.31-2ubuntu0.1~esm1", "libpcre2-posix0": "10.31-2ubuntu0.1~esm1", "pcre2-utils": "10.31-2ubuntu0.1~esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libpcre2-posix2-dbgsym": "10.34-7ubuntu0.1", "libpcre2-32-0": "10.34-7ubuntu0.1", "libpcre2-dev": "10.34-7ubuntu0.1", "libpcre2-32-0-dbgsym": "10.34-7ubuntu0.1", "libpcre2-16-0": "10.34-7ubuntu0.1", "libpcre2-8-0-udeb": "10.34-7ubuntu0.1", "libpcre2-16-0-dbgsym": "10.34-7ubuntu0.1", "pcre2-utils-dbgsym": "10.34-7ubuntu0.1", "libpcre2-8-0-dbgsym": "10.34-7ubuntu0.1", "libpcre2-posix2": "10.34-7ubuntu0.1", "libpcre2-8-0": "10.34-7ubuntu0.1", "pcre2-utils": "10.34-7ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libpcre2-32-0": "10.39-3ubuntu0.1", "libpcre2-dev": "10.39-3ubuntu0.1", "libpcre2-32-0-dbgsym": "10.39-3ubuntu0.1", "libpcre2-16-0": "10.39-3ubuntu0.1", "libpcre2-8-0": "10.39-3ubuntu0.1", "libpcre2-16-0-dbgsym": "10.39-3ubuntu0.1", "pcre2-utils-dbgsym": "10.39-3ubuntu0.1", "libpcre2-8-0-dbgsym": "10.39-3ubuntu0.1", "libpcre2-posix3": "10.39-3ubuntu0.1", "libpcre2-posix3-dbgsym": "10.39-3ubuntu0.1", "pcre2-utils": "10.39-3ubuntu0.1" } ] }