It was reported [1] that invoking grep with a carefully crafted combination of input and regexp can cause a segfault and/or reading from uninitialized memory. Upstream bugreport: http://bugs.gnu.org/19563 Upstream fix: http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2 [1]: http://seclists.org/oss-sec/2015/q1/179
Created grep tracking bugs for this issue: Affects: fedora-all [bug 1183653]
This has been assigned CVE-2015-1345[1]. [1] http://seclists.org/oss-sec/2015/q1/221
*** Bug 1185440 has been marked as a duplicate of this bug. ***
grep-2.21-2.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Statement: This issue did not affect versions of grep as shipped in Red Hat Enterprise Linux 5.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2015:1447 https://rhn.redhat.com/errata/RHSA-2015-1447.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:2111 https://rhn.redhat.com/errata/RHSA-2015-2111.html