CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

Buffer Underflow

mercurial is vulnerable to buffer underflows. The application does not validate the pointer position when reading a patch fragment, allowing a malicious user to cause a buffer underflow by passing a patch file to the application, causing the application to crash or arbitrary code to be executed...

patch: Malicious patch files cause ed to execute arbitrary commands

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

patch: Malicious patch files cause ed to execute arbitrary commands

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

patch: Malicious patch files cause ed to execute arbitrary commands

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

UBUNTU-CVE-2018-1000156

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's...

AZL-35104 CVE-2018-6952 affecting package patch for versions less than 2.7.6-9

A double free exists in the anotherhunk function in pch.c in GNU patch through 2.7.6...

CVE-2015-1418

The doedscript function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!'...

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...

Updated bsdiff packages fix security vulnerability

Integer signedness error in bspatch.c in bspatch in bsdiff allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file CVE-2014-9862...

FreeBSD bspatch Utility Remote Code Execution (CVE-2014-9862)

A remote code execution vulnerability has been reported in the bspatch utility in FreeBSD. The vulnerability is due to improper validation on the numbers of bytes to read from diff and extra stream values. A remote attacker can exploit this vulnerability by enticing the target user to download an...

Apple OS X bsdiff Integer Sign Error Vulnerability

Apple OS X is a specialized operating system developed for Mac computers. An integer sign error vulnerability exists in the bspatch.c file in bsdiff used by Apple OS X, which can be exploited by a remote attacker to crash an application or execute arbitrary code by building a special patch file...

Design/Logic Flaw

Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...

CVE-2014-9862

Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...

CVE-2014-9862

Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...

Security Advisory 0020

Security Advisory 0020 PDF Date: May 6th, 2016 Version: 1.2 Revision| Date| Changes ---|---|--- 1.0 | May 6th, 2016 | Initial release 1.1 | May 12th, 2016 | Updated to include assessment for CVX and CVP. Change in vulnerability status for CVE-2016-2107. 1.2 | May 20th, 2016 | Updated to include...

patch: multiple issues

CVE-2015-1196 directory traversal A directory traversal flaw was discovered that allows remote attackers to write to arbitrary files via a symlink attack in a patch file. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch, with the privileges of the...

DEBIAN-CVE-2015-1196

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...

Design/Logic Flaw

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...

CVE-2015-1196

CVE-2015-1196 is confirmed in the provided documents as a vulnerability in GNU patch 2.7.1 where a symlink attack in a patch file allows remote attackers to write to arbitrary files. The connected advisories/feeds reference this CVE alongside other patches for GNU patch (e.g., CVE-2014-9637, CVE-...