Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 22 results


CVE-2018-6952

Negligible priority
Vulnerable

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2018-6951

Low priority
Fixed

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch Fixed
Show less packages

CVE-2016-10713

Low priority
Fixed

An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch Fixed
Show less packages

CVE-2015-1416

Medium priority
Not affected

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute...

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2015-1396

Medium priority
Fixed

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2015-1395

Medium priority
Fixed

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2015-1196

Medium priority
Fixed

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2014-9637

Medium priority
Fixed

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2010-4651

Low priority
Fixed

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a...

1 affected packages

patch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
patch
Show less packages

CVE-2006-2110

Unknown priority
Ignored

Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.

1 affected packages

kernel-patch-vserver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kernel-patch-vserver
Show less packages