Unrated severityOSV Advisory· Published Feb 26, 2019· Updated Aug 5, 2024

CVE-2018-20796

Description

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

GNU/GlibcOSV2 versions
cvs/ChangeLog, cvs/amigados-merge, cvs/before-thomas-posix1996, …+ 1 more
- (no CPE)range: cvs/ChangeLog, cvs/amigados-merge, cvs/before-thomas-posix1996, …
- (no CPE)range: <=2.29
GNU/C Libraryllm-fuzzy
Range: <=2.29

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/107160mitrevdb-entryx_refsource_BID
debbugs.gnu.org/cgi/bugreport.cgimitrex_refsource_MISC
lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.htmlmitrex_refsource_MISC
security.netapp.com/advisory/ntap-20190315-0002/mitrex_refsource_CONFIRM
support.f5.com/csp/article/K26346590mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000