Vulnerability CVE-2018-6952: Information

Description

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-6952
Published: Feb. 13, 2018
Modified: April 17, 2019
Error type identifier: CWE-415

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
patchsisyphus2.7.6.0.15.369d-alt12.7.6.0.27.7623-alt1ALT-PU-2018-1872-1208022Fixed
patchp102.7.6.0.15.369d-alt12.7.6.0.27.7623-alt1ALT-PU-2018-1872-1208022Fixed
patchp92.7.6.0.15.369d-alt12.7.6.0.24.76e7-alt1ALT-PU-2018-1872-1208022Fixed
patchc10f12.7.6.0.15.369d-alt12.7.6.0.27.7623-alt1ALT-PU-2018-1872-1208022Fixed
patchc9f22.7.6.0.15.369d-alt12.7.6.0.24.76e7-alt1ALT-PU-2018-1872-1208022Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://savannah.gnu.org/bugs/index.php?53133
  • Vendor Advisory
103047
  • Third Party Advisory
  • VDB Entry
GLSA-201904-17
    RHSA-2019:2033

        1. Configuration 1

          cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*
          End including
          2.7.6
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.4.2
      Back to top