Описание
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
A flaw was found in patch. A possible memory corruption vulnerability could allow an attacker to input a specially crafted patch file leading to a crash or code execution.
Отчет
This vulnerability is classified as low severity rather than moderate because it requires user interaction to be exploited, limiting its attack vector. An attacker must trick a user into manually applying a specially crafted patch file, reducing the likelihood of widespread exploitation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | patch | Not affected | ||
| Red Hat Enterprise Linux 7 | patch | Out of support scope | ||
| Red Hat Enterprise Linux 8 | patch | Fix deferred | ||
| Red Hat Enterprise Linux 9 | patch | Fix deferred |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ...
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
5.5 Medium
CVSS3