CVE-2019-20633
https://notcve.org/view.php?id=CVE-2019-20633
GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952. El parche de GNU versiones hasta 2.7.6, contiene una vulnerabilidad de Doble Liberación en free(p_line [p_end]) en la función another_hunk en el archivo pch.c, que puede causar una denegación de servicio por medio de un archivo de parche diseñado. NOTA: este problema se presenta debido a una corrección incompleta para CVE-2018-6952. • https://savannah.gnu.org/bugs/index.php?56683 • CWE-415: Double Free •
CVE-2018-20969 – patch: do_ed_script in pch.c does not block strings beginning with a ! character
https://notcve.org/view.php?id=CVE-2018-20969
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. La función do_ed_script en el archivo pch.c en el parche GNU versiones hasta 2.7.6 no bloquea cadenas que comienzan con un carácter !. • http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html https://access.redhat.com/errata/RHSA-2019:2798 https://access.redhat.com/errata/RHSA-2019:2964 https://access.redhat.com/errata/RHSA-2019:3757 https://access.redhat.com/errata/RHSA-2019:3758 https://access.redhat.com/errata/RHSA-2019:4061 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 https://github.com/irsl/gnu-patch-vulnerabilities https://seclists. • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-13636 – patch: the following of symlinks in inp.c and util.c is mishandled in cases other than input files
https://notcve.org/view.php?id=CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. En GNU parche hasta 2.7.6, el seguimiento de los enlaces simbólicos es manejado inapropiadamente en determinados casos diferentes a los archivos de entrada. Esto afecta a los archivos inp.c y util.c. GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files. • http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html https://git.savannah.gnu.org/cgit/patch.git/commit/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a https://github.com/irsl/gnu-patch-vulnerabilities https://lists.debian.org/debian-lts-announce/2019/07/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT https://seclists.org/bugtraq/2019/Aug/29 https://seclists.org/bugtraq/2019/Jul/54 https& • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2018-6951
https://notcve.org/view.php?id=CVE-2018-6951
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. Se ha descubierto un problema hasta la versión 2.7.6 de GNU patch. Hay un fallo de segmentación, asociado con una desreferencia de puntero NULL, que conduce a una denegación de servicio (DoS) en la función intuit_diff_type en pch.c. Esto también se conoce como problema "mangled rename". • http://www.securityfocus.com/bid/103044 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a https://savannah.gnu.org/bugs/index.php?53132 https://security.gentoo.org/glsa/201904-17 https://usn.ubuntu.com/3624-1 • CWE-476: NULL Pointer Dereference •
CVE-2018-6952 – patch: Double free of memory in pch.c:another_hunk() causes a crash
https://notcve.org/view.php?id=CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. Existe una doble liberación (double free) en la función another_hunk en pch.c en GNU patch hasta la versión 2.7.6. A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches. • http://www.securityfocus.com/bid/103047 https://access.redhat.com/errata/RHSA-2019:2033 https://savannah.gnu.org/bugs/index.php?53133 https://security.gentoo.org/glsa/201904-17 https://access.redhat.com/security/cve/CVE-2018-6952 https://bugzilla.redhat.com/show_bug.cgi?id=1545053 • CWE-415: Double Free CWE-416: Use After Free •