Your submission was sent successfully! Close

CVE-2018-6952

Published: 13 February 2018

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
patch
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Deferred
(2022-01-05)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Deferred
(2022-01-05)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Deferred
(2022-01-05)
jammy Deferred
(2022-01-05)
precise Ignored
(end of ESM support, was deferred [2022-01-05])
trusty Deferred
(2022-01-05)
upstream Needs triage

xenial Deferred
(2022-01-05)
Patches:
upstream: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300

Notes

AuthorNote
mdeslaur
The patch for this introduced CVE-2019-20633, and no complete
fix is available from upstream as of 2022-01-05

References

Bugs