[Bug 1526548] [NEW] grep 2.22 infinite loop
Seth Arnold
1526548 at bugs.launchpad.net
Tue Dec 15 22:21:07 UTC 2015
*** This bug is a security vulnerability ***
Public security bug reported:
Christian Boltz discovered that grep 2.22 can be sent into an infinite
loop. 2.21 does not have this issue. The reproducer we have available so
far:
grep -obUa -P '\x04\x08\x00profile\x00\x07' /etc/apparmor.d/cache/*
Probably one of the files in that directory will report infinite output
in the style of:
# grep -obUa -P '\x04\x08\x00profile\x00\x07' cache--usr.sbin.smbldap-useradd
16profile
27801profile
27801profile
27801profile
27801profile
27801profile
...
Thanks
** Affects: grep (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grep in Ubuntu.
https://bugs.launchpad.net/bugs/1526548
Title:
grep 2.22 infinite loop
Status in grep package in Ubuntu:
New
Bug description:
Christian Boltz discovered that grep 2.22 can be sent into an infinite
loop. 2.21 does not have this issue. The reproducer we have available
so far:
grep -obUa -P '\x04\x08\x00profile\x00\x07' /etc/apparmor.d/cache/*
Probably one of the files in that directory will report infinite
output in the style of:
# grep -obUa -P '\x04\x08\x00profile\x00\x07' cache--usr.sbin.smbldap-useradd
16profile
27801profile
27801profile
27801profile
27801profile
27801profile
...
Thanks
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1526548/+subscriptions
More information about the foundations-bugs
mailing list