GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

🗓️ 18 Aug 2020 00:00:00Reported by MicrosoftType

GNU Patch 2.7.6 has a validation flaw in EDITOR_PROGRAM using ed that enables code execution via a patch file.

Reporter	Title	Published	Views	Family All 179
FreeBSD	FreeBSD -- shell injection vulnerability in patch(1)	5 Aug 201500:00	–	freebsd
FreeBSD	patch -- multiple vulnerabilities	16 Apr 201800:00	–	freebsd
IBM Security Bulletins	Security Bulletin: A vulnerability in patch affects PowerKVM	7 Jul 201800:04	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Libvorbis, Patch and Python-paramiko vulnerabilities affect IBM Netezza Host Management	18 Oct 201903:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities (patch) vulnerability	19 Dec 201820:15	–	ibm
Tenable Nessus	Amazon Linux 2 : patch (ALAS-2018-1008)	11 May 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : patch (ALAS-2018-1008)	11 May 201800:00	–	nessus
Tenable Nessus	CentOS 6 : patch (CESA-2018:1199)	3 May 201800:00	–	nessus
Tenable Nessus	CentOS 7 : patch (CESA-2018:1200)	31 May 201800:00	–	nessus
Tenable Nessus	Debian DLA-1348-1 : patch security update	17 Apr 201800:00	–	nessus