cbcvebase.
CVE-2015-1345
published 2015-02-12

CVE-2015-1345: The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted…

PriorityP46low2.1CVSS 2.0
AVLACLAuNCNINAP
EPSS
0.49%
38.2th percentile
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.

Affected

9 ranges
VendorProductVersion rangeFixed in
debiangrep< grep 2.20-4.1 (bookworm)grep 2.20-4.1 (bookworm)
gnugrep
gnugrep
gnugrep
gnugrep>= 0 < 2.20-4.12.20-4.1
gnugrep>= 0 < 2.20-4.12.20-4.1
gnugrep>= 0 < 2.20-4.12.20-4.1
gnugrep>= 0 < 2.20-4.12.20-4.1
opensuseopensuse

CVSS provenance

nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv2.1LOW
vendor_debian2.1LOW
vendor_redhat2.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.