CVE-2015-1345
Public on 2015-02-12
Modified on 2016-01-18
Description
A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory.
Severity
Low
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | grep | 2015-09-22 | ALAS-2015-598 | Fixed |
| Amazon Linux 1 | grep | 2016-01-18 | ALAS-2016-639 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 1.2 | AV:L/AC:H/Au:N/C:N/I:N/A:P |
| NVD | CVSSv2 | 2.1 | AV:L/AC:L/Au:N/C:N/I:N/A:P |