CVE-2018-6952 – patch: Double free of memory in pch.c:another_hunk() causes a crash
https://notcve.org/view.php?id=CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. Existe una doble liberación (double free) en la función another_hunk en pch.c en GNU patch hasta la versión 2.7.6. A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches. • http://www.securityfocus.com/bid/103047 https://access.redhat.com/errata/RHSA-2019:2033 https://savannah.gnu.org/bugs/index.php?53133 https://security.gentoo.org/glsa/201904-17 https://access.redhat.com/security/cve/CVE-2018-6952 https://bugzilla.redhat.com/show_bug.cgi?id=1545053 • CWE-415: Double Free CWE-416: Use After Free •
CVE-2016-10713 – patch: Out-of-bounds access in pch_write_line function in pch.c
https://notcve.org/view.php?id=CVE-2016-10713
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. Se ha descubierto un problema en versiones anteriores a la 2.7.6 de GNU patch. El acceso fuera de límites en pch_write_line() en pch.c puede conducir a DoS mediante un archivo de entradas manipulado. A heap-based out-of-bounds read flaw was found in the way the patch utility parsed patch files. • http://www.securityfocus.com/bid/103063 https://access.redhat.com/errata/RHSA-2019:2033 https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866 https://usn.ubuntu.com/3624-1 https://usn.ubuntu.com/3624-2 https://access.redhat.com/security/cve/CVE-2016-10713 https://bugzilla.redhat.com/show_bug.cgi?id=1545405 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2015-1396
https://notcve.org/view.php?id=CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196. Se presenta una vulnerabilidad de Salto de Directorio en el parche GNU versiones anteriores a 2.7.4. Un atacante remoto puede escribir en archivos arbitrarios por medio de un ataque de tipo symlink en un archivo de parche. • http://www.openwall.com/lists/oss-security/2015/01/27/29 http://www.securityfocus.com/bid/75358 http://www.ubuntu.com/usn/USN-2651-1 https://bugzilla.redhat.com/show_bug.cgi?id=1186764 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2015-1395
https://notcve.org/view.php?id=CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name. Una vulnerabilidad de salto de directorio en GNU en versiones de parche que soportan parcheo Git-style en versiones anteriores a la 2.7.3 permite que atacantes remotos escriban en archivos arbitrarios con los permisos del usuario objetivo mediante un ".." (dot dot) en el nombre de un archivo diff. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html http://www.openwall.com/lists/oss-security/2015/01/27/28 http://www.securityfocus.com/bid/72846 http://www.ubuntu.com/usn/USN-2651-1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873 https://bugzilla.redhat.com/show_bug.cgi?id=1184490 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2014-9637
https://notcve.org/view.php?id=CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. GNU parche 2.7.2 y anteriores permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria y error de segmentación) mediante un archivo diff manipulado. • http://advisories.mageia.org/MGASA-2015-0068.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html http://www.openwall.com/lists/oss-security/2015/01/22/7 http://www.securityfocus.com/bid/72286 http://www.ubuntu.com/usn/USN-2651-1 https://bugzilla.redhat.com/show_bug.cgi?id=1185262 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944 • CWE-399: Resource Management Errors •