Out-of-bounds Access in GNU Patch Affects Multiple Platforms
CVE-2016-10713

5.5MEDIUM

Key Information:

Vendor
Gnu
Status
Patch
Vendor
CVE Published:
13 February 2018

Summary

An out-of-bounds access vulnerability was identified in GNU Patch prior to version 2.7.6. The issue arises from the pch_write_line() function within pch.c, which could be exploited through a specially crafted input file, leading to potential denial-of-service conditions. This vulnerability can impact system stability and usability if successful exploitation is attempted.

References

https://usn.ubuntu.com/3624-2/
vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/3624-1/
vendor-advisoryx_refsource_UBUNTU
https://git.savannah.gnu.org/cgit/patch.git/commit/src/pc...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.