CVE-2015-1345
EPSS 0.14%
Description
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
How to fix CVE-2015-1345
To remediate CVE-2015-1345, upgrade the affected package to a fixed version below.
- Debian/grep—upgrade to 2.20-4.1 or later
Is CVE-2015-1345 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.20-4.1