Fedora Account System
Red Hat Associate
Red Hat Customer
An integer overflow flaw was found in glibc before 2.34 that may result in reading of arbitrary memory when wordexp is used with a specially crafted untrusted regular expression input. References: https://sourceware.org/bugzilla/show_bug.cgi?id=28011 https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c https://sourceware.org/glibc/wiki/Security%20Exceptions
Created glibc tracking bugs for this issue: Affects: fedora-all [bug 1977976]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4358 https://access.redhat.com/errata/RHSA-2021:4358
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-35942