CVE-2006-7226

Impact:
Important
Public Date:
2007-11-13
Bugzilla:
384781: CVE-2006-7226 pcre miscalculation of memory requirements for repeated subpattern containing a named recursion or subroutine reference

The MITRE CVE dictionary describes this issue as:

Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).

Find out more about CVE-2006-7226 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (pcre) RHSA-2007:1059 2007-11-29
Red Hat Enterprise Linux 4 (pcre) RHSA-2007:1068 2007-11-29

Acknowledgements

Red Hat would like to thank Ludwig Nussel for reporting this issue.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.