GHSA-F8M3-JPXR-HM5X bsdiff4 out-of-bounds write via patch file

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory beyond allocated bounds via a crafted patch file...

bsdiff4 out-of-bounds write via patch file

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory beyond allocated bounds via a crafted patch file...

CLSA-2022-1652706309 Fix CVE(s): CVE-2019-17041, CVE-2019-17042, CVE-2018-16881

SECURITY UPDATE: denial of dervice - debian/patches/CVE-2018-16881.patch: introduces a frame size check in the processDataRcvd function of plugins/imptcp/imptcp.c. - CVE-2018-16881 SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17041.patch: adds length checks for invalid AIX log...

Mercurial Directory traversal vulnerability

Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

GHSA-V2GW-X5JF-PGWV Mercurial Directory traversal vulnerability

Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

CLSA-2022-1647254642 Fix CVE(s): CVE-2022-23308

SECURITY UPDATE: Use-after-free of ID and IDREF attributes - debian/patches/CVE-2022-23308.patch: Do not store empty or whitespace-only attributes in ID table - CVE-2022-23308...

Hub Package Arbitrary File Overwrite

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...

GHSA-X5M6-JH4R-34MV Hub Package Arbitrary File Overwrite

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...

Hub Package Arbitrary File Overwrite

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...

CVE-2021-45261

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anotherhunk function, which causes a Denial of Service...

CVE-2021-3939

Ubuntu-specific modifications to accountsservice in patch file debian/patches/0010-set-language.patch caused the fallbacklocale variable, pointing to static storage, to be freed, in the userchangelanguageauthorizedcb function. This is reachable via the SetLanguage dbus function. This is fixed in...

Code injection

Ubuntu-specific modifications to accountsservice in patch file debian/patches/0010-set-language.patch caused the fallbacklocale variable, pointing to static storage, to be freed, in the userchangelanguageauthorizedcb function. This is reachable via the SetLanguage dbus function. This is fixed in...

Denial Of Service (DoS)

GNU patch through 2.7.6 contains a freeplinepend Double Free vulnerability in the function anotherhunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952...

CVE-2020-15704

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue.

...

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

...

UBUNTU-CVE-2020-15704

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

CVE-2020-15904

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory beyond allocated bounds via a crafted patch file...

Buffer overflow

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory beyond allocated bounds via a crafted patch file...

PYSEC-2020-30

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory beyond allocated bounds via a crafted patch file...