GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00115}

epss

{'score': 0.00118}


Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00121}

epss

{'score': 0.00115}


Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00135}

epss

{'score': 0.00121}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-25T16:44:49

Updated: 2024-08-05T02:46:10.304Z

Reserved: 2020-03-25T00:00:00

Link: CVE-2019-20633

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-25T17:15:14.013

Modified: 2024-11-21T04:38:55.590

Link: CVE-2019-20633

cve-icon Redhat

Severity : Low

Publid Date: 2019-07-28T00:00:00Z

Links: CVE-2019-20633 - Bugzilla