CVE-2017-11164

Source
Severity Low
Remote Yes
Type Denial of service
Description
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
Group Package Affected Fixed Severity Status Ticket
AVG-351 pcre 8.42-1 Low Vulnerable
References
http://seclists.org/oss-sec/2017/q3/111
https://bugzilla.redhat.com/show_bug.cgi?id=1470107
Notes
Most distros do not consider this a bug, I'm not sure we should care.