In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
References
Link | Resource |
---|---|
https://sourceware.org/bugzilla/show_bug.cgi?id=24269 | Exploit Issue Tracking Third Party Advisory |
https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-26T18:00:00
Updated: 2019-11-05T20:06:27
Reserved: 2019-02-26T00:00:00
Link: CVE-2019-9192
JSON object: View
NVD Information
Status : Modified
Published: 2019-02-26T18:29:00.340
Modified: 2024-05-17T01:39:49.527
Link: CVE-2019-9192
JSON object: View
Redhat Information
No data.
CWE