Skip to main content

GNU grep Long Line Handling Integer Overflow Vulnerability

Last Update Date: 28 Dec 2012 12:02 Release Date: 28 Dec 2012 4699 Views

RISK: Medium Risk

TYPE: Operating Systems - Linux

TYPE: Linux

A vulnerability has been identified in grep, which can be exploited by malicious people to potentially compromise a user's system.

 

The vulnerability is caused due to an integer overflow error when parsing very long lines and can be exploited to cause a heap-based buffer overflow.


Impact

  • Remote Code Execution

System / Technologies affected

  • grep 2.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.11 or later.

Vulnerability Identifier


Source


Related Link