CVE-2019-19012

CRITICAL

Oniguruma <6.9.4_rc2 - Memory Corruption

Title source: llm

Description

An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.

Exploits (2)

nomisec WORKING POC 4 stars

by ManhNDd · poc

https://github.com/ManhNDd/CVE-2019-19012

View Code ZIP pw:eip

nomisec WORKING POC

by tarantula-team · poc

https://github.com/tarantula-team/CVE-2019-19012

View Code ZIP pw:eip

References (7)

[Exploit, Patch, Third Party Advisory] https://github.com/kkos/oniguruma/issues/164

[Third Party Advisory] https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2

[Exploit, Third Party Advisory] https://github.com/tarantula-team/CVE-2019-19012

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/

[Vendor Advisory] https://usn.ubuntu.com/4460-1/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/

Scores

CVSS v3 9.8

EPSS 0.1478

EPSS Percentile 94.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-190 CWE-125

Status published

Products (6)

debian/debian_linux 8.0

fedoraproject/fedora 30

fedoraproject/fedora 31

oniguruma_project/oniguruma 6.9.4 rc1

oniguruma_project/oniguruma 6.0.0 - 6.9.3

redhat/enterprise_linux 8.0

Published Nov 17, 2019

Tracked Since Feb 18, 2026