Vulnerability Note VU#912279

GNU libc regcomp() stack exhaustion denial of service

Original Release date: 07 Dec 2010 | Last revised: 08 Dec 2010

Overview

The regcomp() function of GNU libc is susceptible to stack exhaustion when compiling certain regular expressions, which may result in a denial of service (crash of the calling process).

Description

Compiling a pattern that applies repetition operators directly to one another drives regcomp() into deep recursion, which exhausts the stack and crashes the process that called it. An example trigger is: grep -E ".*{10,}{10,}{10,}{10,}{10,}"
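As an added example (not part of this note and not glibc's own code), the following C program screens a pattern for the shape of the trigger above, an interval expression such as {10,} applied directly to another repetition operator, and refuses to pass such patterns to regcomp(). The function and wrapper names (has_stacked_repetition, safe_regcomp, check_match) and the sample patterns are this example's own; only the benign patterns are actually compiled, the trigger is rejected before regcomp() sees it.

```c
/* Added example: pre-flight screening of ERE patterns before regcomp().
 * Names and sample patterns are illustrative, not from the advisory or glibc. */
#include <ctype.h>
#include <regex.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Returns 1 if pat[i] begins a well-formed ERE interval "{m}", "{m,}" or
 * "{m,n}", storing the index of its closing brace in *end; otherwise 0. */
static int parse_interval(const char *pat, size_t i, size_t *end)
{
    size_t j = i + 1;
    if (pat[i] != '{' || !isdigit((unsigned char)pat[j]))
        return 0;
    while (isdigit((unsigned char)pat[j]))
        j++;
    if (pat[j] == ',') {
        j++;
        while (isdigit((unsigned char)pat[j]))
            j++;
    }
    if (pat[j] != '}')
        return 0;
    *end = j;
    return 1;
}

/* Returns 1 if an interval expression is applied directly to the result of
 * another repetition operator (*, +, ? or a preceding interval), which is the
 * shape of the advisory's ".*{10,}{10,}{10,}{10,}{10,}" trigger. Backslash
 * escapes and bracket expressions are skipped so "\{" and "[{}]" are not
 * misread as operators. */
int has_stacked_repetition(const char *pat)
{
    size_t n = strlen(pat);
    int prev_was_rep = 0;       /* previous token was *, +, ? or an interval */
    for (size_t i = 0; i < n; i++) {
        char c = pat[i];
        if (c == '\\') {        /* escaped character is a literal */
            i++;
            prev_was_rep = 0;
        } else if (c == '[') {  /* bracket expression: skip to its ']' */
            size_t j = i + 1;
            if (pat[j] == '^') j++;
            if (pat[j] == ']') j++;   /* a leading ']' is literal */
            while (j < n && pat[j] != ']') j++;
            i = j;
            prev_was_rep = 0;
        } else if (c == '*' || c == '+' || c == '?') {
            prev_was_rep = 1;
        } else if (c == '{') {
            size_t end;
            if (parse_interval(pat, i, &end)) {
                if (prev_was_rep)
                    return 1;   /* interval stacked on a repetition */
                i = end;
                prev_was_rep = 1;
            } else {
                prev_was_rep = 0;   /* a '{' that is not an interval */
            }
        } else {
            prev_was_rep = 0;
        }
    }
    return 0;
}

/* Wrapper around regcomp() that refuses stacked repetition up front.
 * Returns REG_BADRPT for rejected patterns, otherwise regcomp()'s result. */
int safe_regcomp(regex_t *re, const char *pat, int cflags)
{
    if (has_stacked_repetition(pat))
        return REG_BADRPT;
    return regcomp(re, pat, cflags);
}

/* Compile pat through the check and test one subject string.
 * Returns 1 on match, 0 on no match, -1 if the pattern was rejected or
 * failed to compile. */
int check_match(const char *pat, const char *subject)
{
    regex_t re;
    if (safe_regcomp(&re, pat, REG_EXTENDED | REG_NOSUB) != 0)
        return -1;
    int rc = regexec(&re, subject, 0, NULL, 0);
    regfree(&re);
    return rc == 0 ? 1 : 0;
}

int main(void)
{
    /* Constructed sample patterns: one ordinary, the advisory's trigger,
     * and one with braces inside a bracket expression. */
    const char *patterns[] = {
        "^(ab){2,3}c{1,}$",
        ".*{10,}{10,}{10,}{10,}{10,}",
        "[{}]{2}x",
    };
    for (size_t i = 0; i < sizeof patterns / sizeof patterns[0]; i++)
        printf("%-32s -> %s\n", patterns[i],
               has_stacked_repetition(patterns[i]) ? "rejected" : "accepted");
    printf("match: %d\n", check_match("^(ab){2,3}c{1,}$", "ababcc"));
    return 0;
}
```

The screen is deliberately conservative: it rejects any interval that immediately follows another repetition operator, including forms such as a*{3} that glibc may compile without trouble, because an application that accepts untrusted patterns has no reason to allow them.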

Impact

An attacker who can supply a regular expression to an application that compiles it with regcomp() may be able to crash that application, causing a denial of service.

Solution

We are currently unaware of a practical solution to this problem. Applications that compile untrusted patterns can reduce their exposure by rejecting patterns that apply repetition operators directly to one another (as in the trigger above) before calling regcomp().

Vendor Information

Vendor                 Status     Date Notified   Date Updated
Debian GNU/Linux       Affected   22 Oct 2010     07 Dec 2010
Gentoo Linux           Affected   22 Oct 2010     07 Dec 2010
Red Hat, Inc.          Affected   22 Oct 2010     07 Dec 2010
Slackware Linux Inc.   Affected   22 Oct 2010     07 Dec 2010
Ubuntu                 Affected   22 Oct 2010     07 Dec 2010

CVSS Metrics

Group          Score   Vector
Base           N/A     N/A
Temporal       N/A     N/A
Environmental  N/A     N/A

References

  • None

Credit

Thanks to Maksymilian Arciemowicz for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2010-4051, CVE-2010-4052
  • Date Public: 07 Dec 2010
  • Date First Published: 07 Dec 2010
  • Date Last Updated: 08 Dec 2010
  • Severity Metric: 0.18
  • Document Revision: 13
