CVE-2018-6952
published 2018-02-13CVE-2018-6952: A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | patch | — | — |
| gnu | patch | <= 2.7.6 | — |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| gnu | patch | >= 0 < 2.7.6-r7 | 2.7.6-r7 |
| msrc | azl3_patch_2.7.6-9_on_azure_linux_3.0 | — | — |
| msrc | cbl2_patch_2.7.6-7_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_patch_2.7.6-8_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_patch_2.7.6-7_on_cbl_mariner_1.0 | — | — |
| msrc | patch-2.7.6-7.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | patch-2.7.6-7.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.5HIGH