CVE-2018-6952

Published: 13 February 2018

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
patch
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Deferred
(2020-09-16)
Ubuntu 20.10 (Groovy Gorilla) Deferred
(2020-09-16)
Ubuntu 20.04 LTS (Focal Fossa) Deferred
(2020-09-16)
Ubuntu 18.04 LTS (Bionic Beaver) Deferred
(2020-09-16)
Ubuntu 16.04 ESM (Xenial Xerus) Deferred
(2020-09-16)
Ubuntu 14.04 ESM (Trusty Tahr) Deferred
(2020-09-16)
Patches:
Upstream: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300

Notes

AuthorNote
mdeslaur
The patch for this introduced CVE-2019-20633, and no complete
fix is available from upstream as of 2020-09-16

References

Bugs