Your submission was sent successfully! Close

CVE-2021-45261

Published: 22 December 2021

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Priority

Negligible

CVSS 3 base score: 5.5

Status

Package Release Status
patch
Launchpad, Ubuntu, Debian 		bionic Deferred
(2022-03-04)
focal Deferred
(2022-03-04)
hirsute Ignored
(reached end-of-life)
impish Deferred
(2022-03-04)
jammy Deferred
(2022-03-04)
trusty Deferred
(2022-03-04)
upstream Needs triage

xenial Deferred
(2022-03-04)

Notes

AuthorNote
rodrigo-zaiden 
negligible security impact since it affects the CLI tool with
a specific malformed patch file.
As of 2022-03-04, upstream has not released any updates nor
comments on this issue, marking as deferred.

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading