CVE-2019-13638
patch: OS shell command injection when processing crafted patch files
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
RouterOS de Mikrotik anterior a versión 6.44.5 (árbol de actualizaciones a largo plazo) es vulnerable al agotamiento de la memoria. Mediante el envío de una petición HTTP diseñada, un atacante remoto autenticado puede bloquear el servidor HTTP y, en algunas circunstancias, reiniciar el sistema. El código no puede ser inyectado.
A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
GNU patch suffers from command injection and various other vulnerabilities when handling specially crafted patch files.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-07-17 CVE Reserved
- 2019-07-24 CVE Published
- 2024-08-04 CVE Updated
- 2024-10-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html | X_refsource_misc |
|
| https://github.com/irsl/gnu-patch-vulnerabilities | X_refsource_misc | |
| https://seclists.org/bugtraq/2019/Aug/29 | Mailing List |
|
| https://seclists.org/bugtraq/2019/Jul/54 | Mailing List |
|
| https://security-tracker.debian.org/tracker/CVE-2019-13638 | Third Party Advisory | |
| https://security.netapp.com/advisory/ntap-20190828-0001 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnu Search vendor "Gnu" | Patch Search vendor "Gnu" for product "Patch" | 2.7.6 Search vendor "Gnu" for product "Patch" and version "2.7.6" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||