CVE-2019-13638

CWE-78: OS Command Injection (16 documents, 9 sources)

Severity: 7.8 HIGH
EPSS: 2.1% (top 15.98%)
CISA KEV: not in KEV
Exploit: no known exploits
Timeline: published 2019-07-26; latest update 2022-05-24

Description

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed-style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system: the affected versions assembled the ed command line as a string and handed it to the shell, so the shell acts on the metacharacters before ed would ever be executed. This is different from CVE-2018-1000156.
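A practitioner who has to accept patch files from outside (CI bots, mailing-list submissions, vendor drops) will want a pre-screen that runs before `patch` does. The following scanner is an added example for this page, not code from cvebase.io or from GNU patch. It recognises the ed-style diff format (`12a`, `3,5c`, `7d` command lines, text blocks closed by a lone `.`), flags shell metacharacters in the file names `patch` reads from `---`/`+++`/`***`/`Index:` headers (the shell-built command line is what made CVE-2019-13638 work without ed installed), and flags ed `!` shell-escape lines, the construct behind the CVE-2018-1000156/CVE-2018-20969 entries listed further down. The metacharacter set, the header regexes, the `Finding`/`Report` types and the three sample patches are assumptions constructed for the example; the "payload" in the samples is just `id`.

```python
"""Pre-screen a patch file for the constructs behind CVE-2019-13638 and the
related ed '!' issues. Added example; not code from cvebase.io or GNU patch."""
import re
from dataclasses import dataclass, field

# Characters a POSIX shell interprets inside one unquoted word (assumed set;
# whitespace is left out because patch stops reading a header name at it).
SHELL_META = set(";|&$`\\\"'<>()[]{}*?~")

# Command lines as emitted by `diff -e`: "12a", "3,5c", "7d"; "i" also accepted.
ED_CMD = re.compile(r"^\d+(?:,\d+)?([acdi])$")
# Lines patch itself appends to the script; harmless at command level.
ED_TAIL = {"w", "q"}
# Headers patch takes the target name from (first whitespace-delimited token;
# quoted names are not handled by this simple scanner).
NAME_HDR = re.compile(r"^(?:---|\+\+\+|\*\*\*|Index:)\s+(\S+)")


@dataclass
class Finding:
    line_no: int
    reason: str
    text: str


@dataclass
class Report:
    ed_style: bool = False
    findings: list = field(default_factory=list)

    @property
    def risky(self) -> bool:
        # Only ed-style diffs reach the ed invocation, so a suspicious name
        # in a unified diff is reported but not classed as risky.
        return self.ed_style and bool(self.findings)


def scan_patch(text: str) -> Report:
    """Walk the patch line by line; track whether we are inside an a/c/i text
    block (ended by a lone '.') so that text lines are never mistaken for
    commands, and record anything that would reach the shell or ed's '!'."""
    report = Report()
    in_text = False
    for n, line in enumerate(text.splitlines(), 1):
        if in_text:
            if line == ".":
                in_text = False
            continue  # text lines go into ed's buffer, never to the shell
        m = NAME_HDR.match(line)
        if m:
            bad = sorted(set(m.group(1)) & SHELL_META)
            if bad:
                report.findings.append(
                    Finding(n, f"shell metacharacters {bad} in file name", line))
            continue
        m = ED_CMD.match(line)
        if m:
            report.ed_style = True
            in_text = m.group(1) in "aci"  # 'd' carries no text block
            continue
        if not report.ed_style or line in ED_TAIL or line == "":
            continue
        if line.startswith("!"):
            report.findings.append(
                Finding(n, "ed shell escape '!' at command level", line))
        else:
            # Anything else at command level is handed to ed verbatim;
            # legitimate but unusual scripts get flagged for manual review.
            report.findings.append(
                Finding(n, "unexpected ed command-level line", line))
    return report


# Constructed samples (not real exploit files): the "payload" is just `id`.
BENIGN = "Index: hello.txt\n3c\ngoodbye\n.\n1d\n"
CRAFTED_NAME = "--- a/hello.txt\n+++ b/hello.txt;id\n1a\n.\n"
CRAFTED_BANG = "Index: hello.txt\n1a\n.\n!id\n"

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("name", CRAFTED_NAME),
                          ("bang", CRAFTED_BANG)):
        r = scan_patch(sample)
        print(label, "ed-style" if r.ed_style else "other",
              "RISKY" if r.risky else "ok")
        for f in r.findings:
            print(f"  line {f.line_no}: {f.reason}: {f.text!r}")
```

The scanner is deliberately conservative: it does not try to decide whether a given metacharacter would actually survive `patch`'s own name parsing, it only tells you that an ed-style diff carries something the shell would interpret, which is reason enough to hold the file until a fixed `patch` (Debian 2.7.6-5 or later per the package list below) is confirmed on the host.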

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (exploitability 1.8, impact 5.9): local attack vector, low complexity, no privileges required, user interaction required (someone has to apply the crafted patch), unchanged scope, high impact on confidentiality, integrity and availability.

Affected packages (3)

Debian   patch       < 2.7.6-5 (+3)
Ubuntu   patch       < 2.7.5-1ubuntu0.16.04.2 (+2)
NVD      gnu/patch   2.7.6

Also affects: Debian Linux 8.0, 9.0, 10.0

Patches

Vulnerability Details (5)

GHSA      GHSA-vqpq-8jvg-rwmx: GNU patch through 2 […]   2022-05-24
OSV       CVE-2019-13638: GNU patch through 2 […]        2019-07-26
CVEList   CVE-2019-13638: GNU patch through 2 […]        2019-07-26
OSV       patch vulnerabilities                          2019-07-24
OSV       patch vulnerabilities                          2019-07-24

Vendor Advisories (7)

Red Hat    patch: do_ed_script in pch.c does not block strings beginning with a ! character   2019-08-16
Microsoft  do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 but the ! syntax is specific to ed and is unre […]   2019-08-13
Red Hat    patch: OS shell command injection when processing crafted patch files   2019-07-29
Ubuntu     Patch vulnerabilities   2019-07-24
Ubuntu     Patch vulnerabilities   2019-07-24

Community (3)

Bugzilla   CVE-2018-20969 patch: do_ed_script in pch.c does not block strings beginning with a ! character   2019-08-29
Bugzilla   CVE-2019-13638 patch: OS shell command injection when processing crafted patch files [fedora-all]   2019-07-29
Bugzilla   CVE-2019-13638 patch: OS shell command injection when processing crafted patch files   2019-07-29

Source: cvebase.io, CVE-2019-13638 (HIGH, CVSS 7.8)