CVE-2018-6952

Published: 13 February 2018

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
patch
Launchpad, Ubuntu, Debian 		Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla) Deferred
(2020-09-16)
Ubuntu 20.04 LTS (Focal Fossa) Deferred
(2020-09-16)
Ubuntu 18.04 LTS (Bionic Beaver) Deferred
(2020-09-16)
Ubuntu 16.04 LTS (Xenial Xerus) Deferred
(2020-09-16)
Ubuntu 14.04 ESM (Trusty Tahr) Deferred
(2020-09-16)
Patches:
Upstream: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300

Notes

AuthorNote
mdeslaur 
The patch for this introduced CVE-2019-20633, and no complete
fix is available from upstream as of 2020-09-16

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading