CVE-2018-20796

Опубликовано: 20 янв. 2019

Источник: redhat

CVSS3: 5.3

Описание

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Отчет

The regular expression compiler in glibc is only supposed to be exposed to trusted content, therefore this flaw is not classified as a security vulnerability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	glibc	Not affected
Red Hat Enterprise Linux 7	glibc	Not affected
Red Hat Enterprise Linux 8	glibc	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-674

https://bugzilla.redhat.com/show_bug.cgi?id=1683150glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-20796

CVSS3: 7.5

ubuntu

больше 6 лет назад

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

CVE-2018-20796

CVSS3: 7.5

nvd

больше 6 лет назад

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

CVE-2018-20796

CVSS3: 7.5

msrc

около 5 лет назад

Описание отсутствует

CVE-2018-20796

CVSS3: 7.5

debian

больше 6 лет назад

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ...

GHSA-7x29-5q3f-f4x2

CVSS3: 7.5

github

больше 3 лет назад

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

5.3 Medium

CVSS3