pcre -- Heap Overflow Vulnerability in find_fixedlength()

Venustech ADLAB reports:

PCRE library is prone to a vulnerability which leads to Heap
Overflow. During subpattern calculation of a malformed regular
expression, an offset that is used as an array index is fully
controlled and can be large enough so that unexpected heap
memory regions are accessed.
One could at least exploit this issue to read objects nearby of
the affected application’s memory.
Such information disclosure may also be used to bypass memory
protection method such as ASLR.