Bugzilla – Bug 914891
VUL-1: CVE-2014-9637 patch: local denial of service with a crafted patch
Last modified: 2020-05-12 17:44:57 UTC
rh#1185262 It was reported [1] that a crafted diff file (attached) can make patch to eat memory and later segfault. Upstream commit that fixes this: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944 [1]: https://savannah.gnu.org/bugs/?44051 References: https://bugzilla.redhat.com/show_bug.cgi?id=1185262 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9637 http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9637.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9637
bugbot adjusting priority
Created attachment 621822 [details] Reproducer
Note: the upstream commit only fixes the segfault. Patch still runs out of memory and fails. Memory consumption still reaches insane amounts (8 GB on my 4 GB memory machine according to valgrind.) So this bug is still not fully fixed upstream. Also, I don't quite see how this qualifies as a security incident.
SUSE-SU-2018:1162-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1059698,1080918,1088420,662957,914891 CVE References: CVE-2010-4651,CVE-2014-9637,CVE-2016-10713,CVE-2018-1000156 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): patch-2.5.9-252.22.7.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): patch-2.5.9-252.22.7.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): patch-2.5.9-252.22.7.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): patch-2.5.9-252.22.7.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): patch-2.5.9-252.22.7.1
Fixed.