CVE-2015-1345
Published: 12 February 2015
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
Notes
Author | Note |
---|---|
mdeslaur | introduced in v2.18-90-g73893ff |
Priority
Status
Package | Release | Status |
---|---|---|
grep Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
(2.5.4-4build1)
|
precise |
Not vulnerable
(2.10-1)
|
|
trusty |
Not vulnerable
(2.16-1)
|
|
upstream |
Released
(2.20-4.1)
|
|
wily |
Not vulnerable
(2.21-2)
|
|
xenial |
Not vulnerable
(2.24-1)
|
|
Patches: upstream: http://git.savannah.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2 |