CVE-2013-0242 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Glibc
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents8 sources
Severity
5.0MEDIUMNVD
EPSS
2.1%
top 15.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 8
Latest updateMay 5
Description
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-f776-wjgx-67c8: Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec↗2022-05-05
OSV▶
CVE-2013-0242: Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec↗2013-02-08
CVEList▶
CVE-2013-0242: Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec↗2013-02-08
📋Vendor Advisories
3💬Community
4Bugzilla▶
CVE-2013-0242 glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters [f19]↗2013-03-18
Bugzilla▶
CVE-2013-0242 glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters [f17]↗2013-03-18
Bugzilla▶
CVE-2013-0242 glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters [f18]↗2013-01-30
Bugzilla▶
CVE-2013-0242 glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters↗2013-01-30