In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by (|)(11)* in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Glibc | Gnu | * | 2.29 (including) |
Eglibc | Ubuntu | trusty | * |
Glibc | Ubuntu | cosmic | * |
Glibc | Ubuntu | disco | * |