CVE-2018-6951
published 2018-02-13CVE-2018-6951: An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | patch | — | — |
| gnu | patch | <= 2.7.6 | — |
| gnu | patch | >= 0 < 2.7.1-4ubuntu2.4 | 2.7.1-4ubuntu2.4 |
| gnu | patch | >= 0 < 2.7.5-1ubuntu0.16.04.1 | 2.7.5-1ubuntu0.16.04.1 |
| msrc | azl3_patch_2.7.6-9_on_azure_linux_3.0 | — | — |
| msrc | cbl2_patch_2.7.6-7_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_patch_2.7.6-7_on_cbl_mariner_1.0 | — | — |
| msrc | patch-2.7.6-7.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | patch-2.7.6-7.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | patch-2.7.6-7.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | patch-2.7.6-7.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
| msrc | patch-2.7.6-9.azl3.aarch64.rpm_on_azure_linux_3.0_arm | — | — |
| msrc | patch-2.7.6-9.azl3.x86_64.rpm_on_azure_linux_3.0_x64 | — | — |
| msrc | patch-debuginfo-2.7.6-7.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | patch-debuginfo-2.7.6-7.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | patch-debuginfo-2.7.6-7.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | patch-debuginfo-2.7.6-7.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH