USN-4338-2: re2c vulnerability
28 April 2020
re2c could be made to execute arbitrary code if it received a specially crafted file.
- re2c - tool for generating fast C-based recognizers
USN-4338-1 fixed vulnerabilities in re2c. This update provides
the corresponding update for Ubuntu 20.04 LTS.
Original advisory details:
Agostino Sarubbo discovered that re2c incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.