PT-2019-5586 · Gnu+2 · Gnu C Library+2

Hongxu Chen · Published 2019-02-25 · Updated 2026-05-04 · CVE-2018-20796

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

GNU C Library (aka glibc or libc6) versions prior to 2.30

Description

The issue is uncontrolled recursion in the GNU C Library when it processes regular expressions, which can lead to a denial of service. The problem arises when the library attempts to match certain patterns, such as '(227|)(11|t1|2537)+', as demonstrated with the grep command.

Recommendations

For GNU C Library versions prior to 2.30, update to version 2.30 or later to resolve the issue. As a temporary workaround, consider restricting the use of complex regular expressions in applications that utilize the GNU C Library until a patch is applied.

Exploit

Fix

Uncontrolled Recursion

Weakness Enumeration

Related Identifiers

ALT-PU-2019-3114
BDU:2020-04530
CVE-2018-20796
ECHO-C300-439C-0DDA

Affected Products

Alt Linux
Debian
Gnu C Library