Note:
This project will be discontinued after December 13, 2021. [more]
2020-03-25
GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
Products | Patch |
Type | Double Free (CWE-415) |
First patch | - None (likely due to unavailable code) |
Links | https://savannah.gnu.org/bugs/index.php?56683 |