ALAS-2015-598 --- grepID: oval:org.secpod.oval:def:1200170 | Date: (C)2016-01-04 (M)2023-11-10 |
Class: PATCH | Family: unix |
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep. A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory
Platform: |
Amazon Linux AMI |