CVE-2018-20796 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

CVE-2018-20796 (NVD)

2019-02-26

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

Products	Glibc, Cloud_backup, Ontap_select_deploy_administration_utility, Steelstore_cloud_integrated_storage
Type	Uncontrolled Recursion (CWE-674)
First patch	- None (likely due to unavailable code)
Links	• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 • https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html • https://security.netapp.com/advisory/ntap-20190315-0002/ • http://www.securityfocus.com/bid/107160 • https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS