CVE-2016-10713 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Patch

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125 — Out-of-bounds Read10 documents8 sources

Severity

5.5MEDIUMNVD

EPSS

0.5%

top 32.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Patch

Timeline

PublishedFeb 13

Latest updateMay 14

Description

An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDgnu/patch< 2.7.6

▶Debiangnu/patch< 2.7.6-1+3

▶Ubuntugnu/patch< 2.7.1-4ubuntu2.4+1

Patches

Patch: git.savannah.gnu.org ↗Patch: git.savannah.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-8m7f-5cc5-rjgp: An issue was discovered in GNU patch before 2↗2022-05-14

▶

OSV

patch vulnerabilities↗2018-04-10

▶

OSV

CVE-2016-10713: An issue was discovered in GNU patch before 2↗2018-02-13

▶

CVEList

CVE-2016-10713: An issue was discovered in GNU patch before 2↗2018-02-13

▶

📋Vendor Advisories

Ubuntu

Patch vulnerabilities↗2018-04-16

▶

Ubuntu

Patch vulnerabilities↗2018-04-10

▶

Red Hat

patch: Out-of-bounds access in pch_write_line function in pch.c↗2018-02-13

▶

Debian

CVE-2016-10713: patch - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within p...↗2016

▶

💬Community

Bugzilla

CVE-2016-10713 patch: Out-of-bounds access in pch_write_line function in pch.c↗2018-02-14

▶