CVE-2019-9192

Published: 2/26/2019 Last updated: 8/4/2024 Reserved: 2/26/2019

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

gettext-stub

Products affected (2)

Product	Vendor	Version
n/a	n/a	< 28fbd7b13b4d3074b16db913aedc9d8d37ab41e7
n/a	n/a	< 7402c4bcb8a3f0d2ef4e687cd45c76be489cf509

References (8)

https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS
https://sourceware.org/bugzilla/show_bug.cgi?id=24269
https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS