An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep.
Find out more about CVE-2012-5667 from the
MITRE CVE dictionary dictionary and
This issue did not affect the version of grep as shipped with Red Hat Enterprise Linux 5.