The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Denial Of Service
Buffer Overflow
Grep
Opensuse
NVD
CVSS 2.0
2.1
EPSS
0.1%