CVE-2014-9769 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-9769 Interim 1 22 2023-07-01T00:31:06Z current 2021-05-30T13:25:16Z 2023-07-01T00:31:06Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-9769 pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise High Availability Extension 12 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Workstation Extension 12 libpcre1 libpcre1-32bit libpcre16-0 libpcrecpp0 libpcrecpp0-32bit libpcreposix0 pcre pcre-32bit pcre-devel pcre-devel-static pcre-tools pcre as a component of SUSE Linux Enterprise Desktop 11 SP4 libpcre1 as a component of SUSE Linux Enterprise Desktop 12 libpcre1-32bit as a component of SUSE Linux Enterprise Desktop 12 libpcre16-0 as a component of SUSE Linux Enterprise Desktop 12 libpcrecpp0 as a component of SUSE Linux Enterprise Desktop 12 libpcrecpp0-32bit as a component of SUSE Linux Enterprise Desktop 12 pcre as a component of SUSE Linux Enterprise Desktop 12 libpcreposix0 as a component of SUSE Linux Enterprise High Availability Extension 12 pcre as a component of SUSE Linux Enterprise High Availability Extension 12 pcre as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata pcre as a component of SUSE Linux Enterprise Server 11 SP2 LTSS pcre as a component of SUSE Linux Enterprise Server 11 SP3 LTSS pcre as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata pcre as a component of SUSE Linux Enterprise Server 11 SP4-LTSS pcre-32bit as a component of SUSE Linux Enterprise Server 11 SP4-LTSS libpcre1 as a component of SUSE Linux Enterprise Server 12 libpcre1-32bit as a component of SUSE Linux Enterprise Server 12 libpcre16-0 as a component of SUSE Linux Enterprise Server 12 pcre as a component of SUSE Linux Enterprise Server 12 pcre-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 pcre as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libpcrecpp0 as a component of SUSE Linux Enterprise Software Development Kit 12 libpcreposix0 as a component of SUSE Linux Enterprise Software Development Kit 12 pcre-devel as a component of SUSE Linux Enterprise Software Development Kit 12 pcre-devel-static as a component of SUSE Linux Enterprise Software Development Kit 12 pcre-tools as a component of SUSE Linux Enterprise Software Development Kit 12 pcre as a component of SUSE Linux Enterprise Software Development Kit 12 libpcrecpp0 as a component of SUSE Linux Enterprise Workstation Extension 12 libpcrecpp0-32bit as a component of SUSE Linux Enterprise Workstation Extension 12 pcre as a component of SUSE Linux Enterprise Workstation Extension 12 pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata during use of a regular expression in an Emerging Threats Open ruleset. CVE-2014-9769 SUSE Linux Enterprise Desktop 11 SP4:pcre SUSE Linux Enterprise Desktop 12:libpcre1 SUSE Linux Enterprise Desktop 12:libpcre1-32bit SUSE Linux Enterprise Desktop 12:libpcre16-0 SUSE Linux Enterprise Desktop 12:libpcrecpp0 SUSE Linux Enterprise Desktop 12:libpcrecpp0-32bit SUSE Linux Enterprise Desktop 12:pcre SUSE Linux Enterprise High Availability Extension 12:libpcreposix0 SUSE Linux Enterprise High Availability Extension 12:pcre SUSE Linux Enterprise Server 11 SP1 for Teradata:pcre SUSE Linux Enterprise Server 11 SP2 LTSS:pcre SUSE Linux Enterprise Server 11 SP3 LTSS:pcre SUSE Linux Enterprise Server 11 SP3 for Teradata:pcre SUSE Linux Enterprise Server 11 SP4-LTSS:pcre SUSE Linux Enterprise Server 11 SP4-LTSS:pcre-32bit SUSE Linux Enterprise Server 12:libpcre1 SUSE Linux Enterprise Server 12:libpcre1-32bit SUSE Linux Enterprise Server 12:libpcre16-0 SUSE Linux Enterprise Server 12:pcre SUSE Linux Enterprise Software Development Kit 11 SP4:pcre SUSE Linux Enterprise Software Development Kit 11 SP4:pcre-devel SUSE Linux Enterprise Software Development Kit 12:libpcrecpp0 SUSE Linux Enterprise Software Development Kit 12:libpcreposix0 SUSE Linux Enterprise Software Development Kit 12:pcre SUSE Linux Enterprise Software Development Kit 12:pcre-devel SUSE Linux Enterprise Software Development Kit 12:pcre-devel-static SUSE Linux Enterprise Software Development Kit 12:pcre-tools SUSE Linux Enterprise Workstation Extension 12:libpcrecpp0 SUSE Linux Enterprise Workstation Extension 12:libpcrecpp0-32bit SUSE Linux Enterprise Workstation Extension 12:pcre important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P