CVE-2018-6952

CWE-415CWE-416Use After Free12 documents8 sources
Severity
7.5HIGH
EPSS
11.8%
top 6.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Patch
Timeline
PublishedFeb 13
Latest updateMay 14

Description

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDgnu/patch2.7.6

🔴Vulnerability Details

3
GHSA
GHSA-ffqc-f68h-qq8w: A double free exists in the another_hunk function in pch2022-05-14
CVEList
CVE-2018-6952: A double free exists in the another_hunk function in pch2018-02-13
OSV
CVE-2018-6952: A double free exists in the another_hunk function in pch2018-02-13

📋Vendor Advisories

5
Microsoft
GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exi2020-03-10
Red Hat
patch: double free in another_hunk function in pch.c2019-07-28
Microsoft
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.2018-02-13
Red Hat
patch: Double free of memory in pch.c:another_hunk() causes a crash2018-02-03
Debian
CVE-2018-6952: patch - A double free exists in the another_hunk function in pch.c in GNU patch through ...2018

💬Community

3
Bugzilla
CVE-2019-20633 patch: double free in another_hunk function in pch.c2020-03-30
Bugzilla
CVE-2018-6952 patch: Double free of memory in pch.c:another_hunk() causes a crash2018-02-14
Bugzilla
CVE-2018-6952 patch: Double free of memory in pch.c:another_hunk() causes a crash [fedora-all]2018-02-14
CVE-2018-6952 (HIGH CVSS 7.5) | A double free exists in the another | cvebase.io