Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-13638 (GCVE-0-2019-13638)
Vulnerability from cvelistv5 – Published: 2019-07-26 12:22 – Updated: 2024-08-04 23:57
VLAI?
EPSS
Summary
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"name": "DSA-4489",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"name": "20190816 Details about recent GNU patch vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"name": "GLSA-201908-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"name": "FEDORA-2019-ac709da87f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"name": "RHSA-2019:2798",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"name": "RHSA-2019:2964",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"name": "RHSA-2019:3757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"name": "RHSA-2019:3758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"name": "RHSA-2019:4061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-03T13:06:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"name": "DSA-4489",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"name": "20190816 Details about recent GNU patch vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"name": "GLSA-201908-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"name": "FEDORA-2019-ac709da87f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"name": "RHSA-2019:2798",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"name": "RHSA-2019:2964",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"name": "RHSA-2019:3757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"name": "RHSA-2019:3758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"name": "RHSA-2019:4061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2019-13638",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0",
"refsource": "MISC",
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"name": "DSA-4489",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"name": "20190816 Details about recent GNU patch vulnerabilities",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"name": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"name": "GLSA-201908-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"name": "FEDORA-2019-ac709da87f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190828-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"name": "https://github.com/irsl/gnu-patch-vulnerabilities",
"refsource": "MISC",
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"name": "RHSA-2019:2798",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"name": "RHSA-2019:2964",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"name": "RHSA-2019:3757",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"name": "RHSA-2019:3758",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"name": "RHSA-2019:4061",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13638",
"datePublished": "2019-07-26T12:22:43.000Z",
"dateReserved": "2019-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:57:39.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:patch:2.7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"050A9139-DC81-4789-8FD9-A6EBFB8ED6E2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.\"}, {\"lang\": \"es\", \"value\": \"RouterOS de Mikrotik anterior a versi\\u00f3n 6.44.5 (\\u00e1rbol de actualizaciones a largo plazo) es vulnerable al agotamiento de la memoria. Mediante el env\\u00edo de una petici\\u00f3n HTTP dise\\u00f1ada, un atacante remoto autenticado puede bloquear el servidor HTTP y, en algunas circunstancias, reiniciar el sistema. El c\\u00f3digo no puede ser inyectado.\"}]",
"id": "CVE-2019-13638",
"lastModified": "2024-11-21T04:25:25.007",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2019-07-26T13:15:12.783",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2798\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2964\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3757\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3758\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:4061\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/irsl/gnu-patch-vulnerabilities\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Aug/29\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Jul/54\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2019-13638\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201908-22\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190828-0001/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4489\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2964\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3757\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3758\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:4061\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/irsl/gnu-patch-vulnerabilities\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Aug/29\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Jul/54\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2019-13638\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201908-22\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190828-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4489\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-13638\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-07-26T13:15:12.783\",\"lastModified\":\"2024-11-21T04:25:25.007\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.\"},{\"lang\":\"es\",\"value\":\"RouterOS de Mikrotik anterior a versi\u00f3n 6.44.5 (\u00e1rbol de actualizaciones a largo plazo) es vulnerable al agotamiento de la memoria. Mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada, un atacante remoto autenticado puede bloquear el servidor HTTP y, en algunas circunstancias, reiniciar el sistema. El c\u00f3digo no puede ser inyectado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:patch:2.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"050A9139-DC81-4789-8FD9-A6EBFB8ED6E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2798\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2964\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3757\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3758\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4061\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/irsl/gnu-patch-vulnerabilities\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Aug/29\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jul/54\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2019-13638\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201908-22\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190828-0001/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2019/dsa-4489\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2964\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3757\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4061\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/irsl/gnu-patch-vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Aug/29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Jul/54\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2019-13638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201908-22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20190828-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2019/dsa-4489\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2019:3757
Vulnerability from csaf_redhat - Published: 2019-11-06 17:01 - Updated: 2025-11-21 18:11Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3757",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3757.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2025-11-21T18:11:06+00:00",
"generator": {
"date": "2025-11-21T18:11:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:3757",
"initial_release_date": "2019-11-06T17:01:35+00:00",
"revision_history": [
{
"date": "2019-11-06T17:01:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-11-06T17:01:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:11:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_5.x86_64",
"product_id": "patch-0:2.7.1-11.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.src",
"product": {
"name": "patch-0:2.7.1-11.el7_5.src",
"product_id": "patch-0:2.7.1-11.el7_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7_5.s390x",
"product_id": "patch-0:2.7.1-11.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7_5.ppc64",
"product_id": "patch-0:2.7.1-11.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src"
},
"product_reference": "patch-0:2.7.1-11.el7_5.src",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src"
},
"product_reference": "patch-0:2.7.1-11.el7_5.src",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:01:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:01:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019:3758
Vulnerability from csaf_redhat - Published: 2019-11-06 17:13 - Updated: 2025-11-21 18:11Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3758",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3758.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2025-11-21T18:11:09+00:00",
"generator": {
"date": "2025-11-21T18:11:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:3758",
"initial_release_date": "2019-11-06T17:13:29+00:00",
"revision_history": [
{
"date": "2019-11-06T17:13:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-13T13:59:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:11:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7_6.s390x",
"product_id": "patch-0:2.7.1-11.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.src",
"product": {
"name": "patch-0:2.7.1-11.el7_6.src",
"product_id": "patch-0:2.7.1-11.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_6.x86_64",
"product_id": "patch-0:2.7.1-11.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7_6.ppc64",
"product_id": "patch-0:2.7.1-11.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:13:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:13:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019_4061
Vulnerability from csaf_redhat - Published: 2019-12-03 11:04 - Updated: 2024-11-22 13:43Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:4061",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4061.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2024-11-22T13:43:37+00:00",
"generator": {
"date": "2024-11-22T13:43:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:4061",
"initial_release_date": "2019-12-03T11:04:16+00:00",
"revision_history": [
{
"date": "2019-12-03T11:04:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-03T11:04:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_4.x86_64",
"product_id": "patch-0:2.7.1-11.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.src",
"product": {
"name": "patch-0:2.7.1-11.el7_4.src",
"product_id": "patch-0:2.7.1-11.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_4.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-03T11:04:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-03T11:04:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019_3757
Vulnerability from csaf_redhat - Published: 2019-11-06 17:01 - Updated: 2024-11-22 13:43Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3757",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3757.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2024-11-22T13:43:30+00:00",
"generator": {
"date": "2024-11-22T13:43:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:3757",
"initial_release_date": "2019-11-06T17:01:35+00:00",
"revision_history": [
{
"date": "2019-11-06T17:01:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-11-06T17:01:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_5.x86_64",
"product_id": "patch-0:2.7.1-11.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.src",
"product": {
"name": "patch-0:2.7.1-11.el7_5.src",
"product_id": "patch-0:2.7.1-11.el7_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7_5.s390x",
"product_id": "patch-0:2.7.1-11.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7_5.ppc64",
"product_id": "patch-0:2.7.1-11.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_5.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src"
},
"product_reference": "patch-0:2.7.1-11.el7_5.src",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.5)",
"product_id": "7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7ComputeNode-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src"
},
"product_reference": "patch-0:2.7.1-11.el7_5.src",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"relates_to_product_reference": "7Server-7.5.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"relates_to_product_reference": "7Server-7.5.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:01:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:01:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7ComputeNode-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7ComputeNode-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.src",
"7Server-7.5.EUS:patch-0:2.7.1-11.el7_5.x86_64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.ppc64le",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.s390x",
"7Server-7.5.EUS:patch-debuginfo-0:2.7.1-11.el7_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019_3758
Vulnerability from csaf_redhat - Published: 2019-11-06 17:13 - Updated: 2024-11-22 13:43Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3758",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3758.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2024-11-22T13:43:24+00:00",
"generator": {
"date": "2024-11-22T13:43:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:3758",
"initial_release_date": "2019-11-06T17:13:29+00:00",
"revision_history": [
{
"date": "2019-11-06T17:13:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-13T13:59:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7_6.s390x",
"product_id": "patch-0:2.7.1-11.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.src",
"product": {
"name": "patch-0:2.7.1-11.el7_6.src",
"product_id": "patch-0:2.7.1-11.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_6.x86_64",
"product_id": "patch-0:2.7.1-11.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_6.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7_6.ppc64",
"product_id": "patch-0:2.7.1-11.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode EUS (v. 7.6)",
"product_id": "7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7ComputeNode-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src"
},
"product_reference": "patch-0:2.7.1-11.el7_6.src",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"relates_to_product_reference": "7Server-Alt-7.6-EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:13:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-06T17:13:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7ComputeNode-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7ComputeNode-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-7.6.EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-7.6.EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.src",
"7Server-Alt-7.6-EUS:patch-0:2.7.1-11.el7_6.x86_64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.ppc64le",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.s390x",
"7Server-Alt-7.6-EUS:patch-debuginfo-0:2.7.1-11.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019:2798
Vulnerability from csaf_redhat - Published: 2019-09-19 04:11 - Updated: 2025-11-21 18:10Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2798",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2798.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2025-11-21T18:10:11+00:00",
"generator": {
"date": "2025-11-21T18:10:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:2798",
"initial_release_date": "2019-09-19T04:11:16+00:00",
"revision_history": [
{
"date": "2019-09-19T04:11:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-19T04:11:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:10:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.src",
"product": {
"name": "patch-0:2.7.6-9.el8_0.src",
"product_id": "patch-0:2.7.6-9.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src"
},
"product_reference": "patch-0:2.7.6-9.el8_0.src",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-19T04:11:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-19T04:11:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019:2964
Vulnerability from csaf_redhat - Published: 2019-10-03 14:16 - Updated: 2025-11-21 18:10Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2964",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2964.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2025-11-21T18:10:24+00:00",
"generator": {
"date": "2025-11-21T18:10:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:2964",
"initial_release_date": "2019-10-03T14:16:22+00:00",
"revision_history": [
{
"date": "2019-10-03T14:16:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-03T14:16:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:10:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.x86_64",
"product": {
"name": "patch-0:2.7.1-12.el7_7.x86_64",
"product_id": "patch-0:2.7.1-12.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.src",
"product": {
"name": "patch-0:2.7.1-12.el7_7.src",
"product_id": "patch-0:2.7.1-12.el7_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.s390x",
"product": {
"name": "patch-0:2.7.1-12.el7_7.s390x",
"product_id": "patch-0:2.7.1-12.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.ppc64",
"product": {
"name": "patch-0:2.7.1-12.el7_7.ppc64",
"product_id": "patch-0:2.7.1-12.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.ppc64le",
"product": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le",
"product_id": "patch-0:2.7.1-12.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-03T14:16:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-03T14:16:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019:4061
Vulnerability from csaf_redhat - Published: 2019-12-03 11:04 - Updated: 2025-11-21 18:11Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:4061",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4061.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2025-11-21T18:11:29+00:00",
"generator": {
"date": "2025-11-21T18:11:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:4061",
"initial_release_date": "2019-12-03T11:04:16+00:00",
"revision_history": [
{
"date": "2019-12-03T11:04:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-03T11:04:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:11:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7_4.x86_64",
"product_id": "patch-0:2.7.1-11.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.src",
"product": {
"name": "patch-0:2.7.1-11.el7_4.src",
"product_id": "patch-0:2.7.1-11.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7_4.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7_4.ppc64le",
"product_id": "patch-0:2.7.1-11.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src"
},
"product_reference": "patch-0:2.7.1-11.el7_4.src",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-03T11:04:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-03T11:04:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.AUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.AUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.E4S:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.ppc64le",
"7Server-7.4.E4S:patch-debuginfo-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.src",
"7Server-7.4.TUS:patch-0:2.7.1-11.el7_4.x86_64",
"7Server-7.4.TUS:patch-debuginfo-0:2.7.1-11.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019_2798
Vulnerability from csaf_redhat - Published: 2019-09-19 04:11 - Updated: 2024-11-22 13:43Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2798",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2798.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2024-11-22T13:43:11+00:00",
"generator": {
"date": "2024-11-22T13:43:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:2798",
"initial_release_date": "2019-09-19T04:11:16+00:00",
"revision_history": [
{
"date": "2019-09-19T04:11:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-19T04:11:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debugsource@2.7.6-9.el8_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product_id": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.6-9.el8_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.6-9.el8_0.src",
"product": {
"name": "patch-0:2.7.6-9.el8_0.src",
"product_id": "patch-0:2.7.6-9.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.6-9.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src"
},
"product_reference": "patch-0:2.7.6-9.el8_0.src",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.s390x",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debugsource-0:2.7.6-9.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
},
"product_reference": "patch-debugsource-0:2.7.6-9.el8_0.x86_64",
"relates_to_product_reference": "BaseOS-8.0.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-19T04:11:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-19T04:11:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.src",
"BaseOS-8.0.0.Z:patch-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debuginfo-0:2.7.6-9.el8_0.x86_64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.aarch64",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.ppc64le",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.s390x",
"BaseOS-8.0.0.Z:patch-debugsource-0:2.7.6-9.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
RHSA-2019_2964
Vulnerability from csaf_redhat - Published: 2019-10-03 14:16 - Updated: 2024-11-22 13:43Summary
Red Hat Security Advisory: patch security update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)\n\n* patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2964",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2964.json"
}
],
"title": "Red Hat Security Advisory: patch security update",
"tracking": {
"current_release_date": "2024-11-22T13:43:16+00:00",
"generator": {
"date": "2024-11-22T13:43:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:2964",
"initial_release_date": "2019-10-03T14:16:22+00:00",
"revision_history": [
{
"date": "2019-10-03T14:16:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-03T14:16:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.x86_64",
"product": {
"name": "patch-0:2.7.1-12.el7_7.x86_64",
"product_id": "patch-0:2.7.1-12.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.src",
"product": {
"name": "patch-0:2.7.1-12.el7_7.src",
"product_id": "patch-0:2.7.1-12.el7_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.s390x",
"product": {
"name": "patch-0:2.7.1-12.el7_7.s390x",
"product_id": "patch-0:2.7.1-12.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.ppc64",
"product": {
"name": "patch-0:2.7.1-12.el7_7.ppc64",
"product_id": "patch-0:2.7.1-12.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-12.el7_7.ppc64le",
"product": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le",
"product_id": "patch-0:2.7.1-12.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-12.el7_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-12.el7_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src"
},
"product_reference": "patch-0:2.7.1-12.el7_7.src",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: do_ed_script in pch.c does not block strings beginning with a ! character",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20969"
},
{
"category": "external",
"summary": "RHBZ#1746672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20969"
},
{
"category": "external",
"summary": "https://seclists.org/bugtraq/2019/Aug/29",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
}
],
"release_date": "2019-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-03T14:16:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: do_ed_script in pch.c does not block strings beginning with a ! character"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: OS shell command injection when processing crafted patch files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this vulnerability as the shipped version of patch did not carry the code that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13638"
},
{
"category": "external",
"summary": "RHBZ#1733916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
}
],
"release_date": "2019-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-03T14:16:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Client-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Client-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7ComputeNode-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7ComputeNode-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Server-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Server-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.src",
"7Workstation-7.7.Z:patch-0:2.7.1-12.el7_7.x86_64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.ppc64le",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.s390x",
"7Workstation-7.7.Z:patch-debuginfo-0:2.7.1-12.el7_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "patch: OS shell command injection when processing crafted patch files"
}
]
}
CERTFR-2019-AVI-451
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 7 x86_64 | ||
| Red Hat | N/A | Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power 9 7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Scientific Computing 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.6 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 i386 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 7 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 7 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian 7 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.7 x86_64 | ||
| Red Hat | N/A | Red Hat Virtualization Host 4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 7 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian 7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power 9 7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Scientific Computing 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 i386",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 7 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, big endian 7 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5 s390x",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host 4 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6974"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2019-5489",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"name": "CVE-2019-14835",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
},
{
"name": "CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-451",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRed Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2828 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2830 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2827 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2809 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2809"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2837 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2837"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2829 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2798 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2808 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2808"
}
]
}
CERTFR-2019-AVI-451
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 7 x86_64 | ||
| Red Hat | N/A | Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power 9 7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Scientific Computing 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.6 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 i386 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 7 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 7 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian 7 ppc64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.7 x86_64 | ||
| Red Hat | N/A | Red Hat Virtualization Host 4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 7 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian 7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power 9 7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Scientific Computing 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 i386",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 7 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, big endian 7 ppc64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5 s390x",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Update Support 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Virtualization Host 4 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 7.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 7.7 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6974"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2019-5489",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2019-13638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13638"
},
{
"name": "CVE-2019-14835",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
},
{
"name": "CVE-2018-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20969"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-451",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRed Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2828 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2828"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2830 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2830"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2827 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2827"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2809 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2809"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2837 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2837"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2829 du 20 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2829"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2798 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2808 du 17 septembre 2019",
"url": "https://access.redhat.com/errata/RHSA-2019:2808"
}
]
}
GHSA-VQPQ-8JVG-RWMX
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2024-04-04 01:23
VLAI?
Details
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2019-13638"
],
"database_specific": {
"cwe_ids": [
"CWE-78"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-26T13:15:00Z",
"severity": "HIGH"
},
"details": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"id": "GHSA-vqpq-8jvg-rwmx",
"modified": "2024-04-04T01:23:18Z",
"published": "2022-05-24T16:51:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"type": "WEB",
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"type": "WEB",
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190828-0001"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2019-13638
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-13638",
"description": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"id": "GSD-2019-13638",
"references": [
"https://www.suse.com/security/cve/CVE-2019-13638.html",
"https://www.debian.org/security/2019/dsa-4489",
"https://access.redhat.com/errata/RHSA-2019:4061",
"https://access.redhat.com/errata/RHSA-2019:3758",
"https://access.redhat.com/errata/RHSA-2019:3757",
"https://access.redhat.com/errata/RHSA-2019:2964",
"https://access.redhat.com/errata/RHSA-2019:2798",
"https://ubuntu.com/security/CVE-2019-13638",
"https://advisories.mageia.org/CVE-2019-13638.html",
"https://alas.aws.amazon.com/cve/html/CVE-2019-13638.html",
"https://linux.oracle.com/cve/CVE-2019-13638.html",
"https://packetstormsecurity.com/files/cve/CVE-2019-13638"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-13638"
],
"details": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"id": "GSD-2019-13638",
"modified": "2023-12-13T01:23:41.726385Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2019-13638",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0",
"refsource": "MISC",
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"name": "DSA-4489",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"name": "20190816 Details about recent GNU patch vulnerabilities",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"name": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"name": "GLSA-201908-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"name": "FEDORA-2019-ac709da87f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190828-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"name": "https://github.com/irsl/gnu-patch-vulnerabilities",
"refsource": "MISC",
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"name": "RHSA-2019:2798",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"name": "RHSA-2019:2964",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"name": "RHSA-2019:3757",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"name": "RHSA-2019:3758",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"name": "RHSA-2019:4061",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:patch:2.7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13638"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2019-13638",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"name": "DSA-4489",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"refsource": "BUGTRAQ",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"name": "20190816 Details about recent GNU patch vulnerabilities",
"refsource": "BUGTRAQ",
"tags": [],
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"name": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"name": "GLSA-201908-22",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"name": "FEDORA-2019-ac709da87f",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190828-0001/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"name": "https://github.com/irsl/gnu-patch-vulnerabilities",
"refsource": "MISC",
"tags": [],
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"name": "RHSA-2019:2798",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"name": "RHSA-2019:2964",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"name": "RHSA-2019:3757",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"name": "RHSA-2019:4061",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"name": "RHSA-2019:3758",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-08-16T12:15Z",
"publishedDate": "2019-07-26T13:15Z"
}
}
}
CVE-2019-13638
Vulnerability from fstec - Published: 27.07.2019
VLAI Severity ?
Title
Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch, связанная с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду
Description
Уязвимость функции do_ed_script (src/pch.c) программной Unix-утилиты GNU Patch связана с непринятием мер по нейтрализации специальных элементов, используемых в команде операционной системы. Эксплуатация уязвимости может позволить нарушителю получить доступ к конфиденциальной информации и выполнить произвольную команду с помощью специально созданного файла
Severity ?
Vendor
ООО «РусБИТех-Астра», Red Hat Inc., Сообщество свободного программного обеспечения, Fedora Project, АО «Концерн ВНИИНС»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Debian GNU/Linux, Fedora, GNU Patch, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)
Software Version
1.5 «Смоленск» (Astra Linux Special Edition), 7 (Red Hat Enterprise Linux), 9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 30 (Fedora), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 2.7.6 (GNU Patch), 7.5 Extended Update Support (Red Hat Enterprise Linux), 7.6 Extended Update Support (Red Hat Enterprise Linux), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 7.4 AUS (Red Hat Enterprise Linux), 7.4 US for SAP Solutions (Red Hat Enterprise Linux), 7.4 Telco Extended Update Support (Red Hat Enterprise Linux), до 16.01.2023 (ОС ОН «Стрелец»)
Possible Mitigations
Использование рекомендаций:
Для GNU Patch:
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
Обновление программного обеспечения до 2.7.6-5 или более поздней версии
Для Debian GNU/Linux:
https://www.debian.org/security/2019/dsa-4489
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/
Для Astra Linux:
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81
https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15
Обновление программного обеспечения (пакета patch) до 2.7.5-1+deb9u2 или более поздней версии
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2019-13638
Для ОС ОН «Стрелец»:
Обновление программного обеспечения patch до версии 2.7.5-1+deb9u2
Reference
http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
https://github.com/irsl/gnu-patch-vulnerabilities
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/
https://seclists.org/bugtraq/2019/Aug/29
https://seclists.org/bugtraq/2019/Jul/54
https://security.gentoo.org/glsa/201908-22
https://security.netapp.com/advisory/ntap-20190828-0001/
https://security-tracker.debian.org/tracker/CVE-2019-13638
https://www.debian.org/security/2019/dsa-4489
https://access.redhat.com/security/cve/CVE-2019-13638
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81
https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
CWE
CWE-78
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 7 (Red Hat Enterprise Linux), 9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 30 (Fedora), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 2.7.6 (GNU Patch), 7.5 Extended Update Support (Red Hat Enterprise Linux), 7.6 Extended Update Support (Red Hat Enterprise Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 7.4 AUS (Red Hat Enterprise Linux), 7.4 US for SAP Solutions (Red Hat Enterprise Linux), 7.4 Telco Extended Update Support (Red Hat Enterprise Linux), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f GNU Patch:\n\nhttps://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0\n\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 2.7.6-5 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian GNU/Linux:\n\nhttps://www.debian.org/security/2019/dsa-4489\n\n\n\n\u0414\u043b\u044f Fedora:\n\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/\n\n\u0414\u043b\u044f Astra Linux:\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 patch) \u0434\u043e 2.7.5-1+deb9u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-13638\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f patch \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.7.5-1+deb9u2",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.07.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.09.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03232",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-13638",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Debian GNU/Linux, Fedora, GNU Patch, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 7 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 8 , Fedora Project Fedora 30 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Red Hat Inc. Red Hat Enterprise Linux 7.5 Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.6 Extended Update Support , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Red Hat Inc. Red Hat Enterprise Linux 7.4 AUS , Red Hat Inc. Red Hat Enterprise Linux 7.4 US for SAP Solutions , Red Hat Inc. Red Hat Enterprise Linux 7.4 Telco Extended Update Support , \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 do_ed_script (src/pch.c) \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 Unix-\u0443\u0442\u0438\u043b\u0438\u0442\u044b GNU Patch, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u0443",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b) (CWE-78)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 do_ed_script (src/pch.c) \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 Unix-\u0443\u0442\u0438\u043b\u0438\u0442\u044b GNU Patch \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html \nhttps://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 \n\nhttps://github.com/irsl/gnu-patch-vulnerabilities \n\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/ \nhttps://seclists.org/bugtraq/2019/Aug/29 \nhttps://seclists.org/bugtraq/2019/Jul/54 \n\nhttps://security.gentoo.org/glsa/201908-22 \n\nhttps://security.netapp.com/advisory/ntap-20190828-0001/ \n\nhttps://security-tracker.debian.org/tracker/CVE-2019-13638 \n\nhttps://www.debian.org/security/2019/dsa-4489\nhttps://access.redhat.com/security/cve/CVE-2019-13638\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-78",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
CVE-2019-13638
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2025-07-08 10:00 - Updated: 2025-07-08 10:00Summary
Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware
Notes
Summary
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2
Impact
Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.
Remediation
Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
General Recommendation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination.",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"title": "Remediation"
},
{
"category": "general",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2025/00008",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-053"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-053.json"
}
],
"title": "Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2025-053",
"PCSA-2025/00008"
],
"current_release_date": "2025-07-08T10:00:00.000Z",
"generator": {
"date": "2025-06-26T10:14:28.625Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.27"
}
},
"id": "VDE-2025-053",
"initial_release_date": "2025-07-08T10:00:00.000Z",
"revision_history": [
{
"date": "2025-07-08T10:00:00.000Z",
"number": "1",
"summary": "Initial"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.0.2",
"product": {
"name": "Firmware \u003c 2025.0.2",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2025.0.2",
"product": {
"name": "Firmware 2025.0.2",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"summary": "Fixed Product."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12705",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12705](https://nvd.nist.gov/vuln/detail/CVE-2024-12705)",
"title": "Details"
},
{
"category": "description",
"text": "Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver\u0027s CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic.\nThis issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12705"
},
{
"cve": "CVE-2025-24965",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-24965](https://nvd.nist.gov/vuln/detail/CVE-2025-24965)",
"title": "Details"
},
{
"category": "description",
"text": "crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current user to write to the target file. The problem is fixed in crun 1.20 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 8.7,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-24965"
},
{
"cve": "CVE-2025-0665",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0665](https://nvd.nist.gov/vuln/detail/CVE-2025-0665)",
"title": "Details"
},
{
"category": "description",
"text": "libcurl would wrongly close the same eventfd file descriptor twice when taking\ndown a connection channel after having completed a threaded name resolve.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0665"
},
{
"cve": "CVE-2025-0167",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0167](https://nvd.nist.gov/vuln/detail/CVE-2025-0167)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-11053](https://nvd.nist.gov/vuln/detail/CVE-2024-11053)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to both use a `.netrc` file for credentials and to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has an entry that matches\nthe redirect target hostname but the entry either omits just the password or\nomits both login and password.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-9681",
"cwe": {
"id": "CWE-697",
"name": "Incorrect Comparison"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9681](https://nvd.nist.gov/vuln/detail/CVE-2024-9681)",
"title": "Details"
},
{
"category": "description",
"text": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain\u0027s cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain\u0027s expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl\u0027s HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent\u0027s entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9681"
},
{
"cve": "CVE-2024-0684",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Coreutils: heap overflow in split --line-bytes with very long lines"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-0684](https://nvd.nist.gov/vuln/detail/CVE-2024-0684)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-0684"
},
{
"cve": "CVE-2024-52533",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-52533](https://nvd.nist.gov/vuln/detail/CVE-2024-52533)",
"title": "Details"
},
{
"category": "description",
"text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\0\u0027 character.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2020-16120",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "summary",
"text": "Unprivileged overlay + shiftfs read access"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2020-16120](https://nvd.nist.gov/vuln/detail/CVE-2020-16120)",
"title": "Details"
},
{
"category": "description",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2023-7256",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-7256](https://nvd.nist.gov/vuln/detail/CVE-2023-7256)",
"title": "Details"
},
{
"category": "description",
"text": "In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-7256"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8006](https://nvd.nist.gov/vuln/detail/CVE-2024-8006)",
"title": "Details"
},
{
"category": "description",
"text": "Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8176](https://nvd.nist.gov/vuln/detail/CVE-2024-8176)",
"title": "Details"
},
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-50602](https://nvd.nist.gov/vuln/detail/CVE-2024-50602)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-10918",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10918](https://nvd.nist.gov/vuln/detail/CVE-2024-10918)",
"title": "Details"
},
{
"category": "description",
"text": "Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an\nunexpected length.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10918"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12133](https://nvd.nist.gov/vuln/detail/CVE-2024-12133)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2025-27113",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-27113](https://nvd.nist.gov/vuln/detail/CVE-2025-27113)",
"title": "Details"
},
{
"category": "description",
"text": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-25062](https://nvd.nist.gov/vuln/detail/CVE-2024-25062)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-5742",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"notes": [
{
"category": "summary",
"text": "Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5742](https://nvd.nist.gov/vuln/detail/CVE-2024-5742)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5742"
},
{
"cve": "CVE-2025-26466",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26466](https://nvd.nist.gov/vuln/detail/CVE-2025-26466)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26465](https://nvd.nist.gov/vuln/detail/CVE-2025-26465)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6119](https://nvd.nist.gov/vuln/detail/CVE-2024-6119)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9143](https://nvd.nist.gov/vuln/detail/CVE-2024-9143)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted\nexplicit values for the field polynomial can lead to out-of-bounds memory reads\nor writes.\n\nImpact summary: Out of bound memory writes can lead to an application crash or\neven a possibility of a remote code execution, however, in all the protocols\ninvolving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named\ncurves\" are supported, or, if explicit curve parameters are supported, they\nspecify an X9.62 encoding of binary (GF(2^m)) curves that can\u0027t represent\nproblematic input values. Thus the likelihood of existence of a vulnerable\napplication is low.\n\nIn particular, the X9.62 encoding is used for ECC keys in X.509 certificates,\nso problematic inputs cannot occur in the context of processing X.509\ncertificates. Any problematic use-cases would have to be using an \"exotic\"\ncurve encoding.\n\nThe affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),\nand various supporting BN_GF2m_*() functions.\n\nApplications working with \"exotic\" explicit binary (GF(2^m)) curve parameters,\nthat make it possible to represent invalid field polynomials with a zero\nconstant term, via the above or similar APIs, may terminate abruptly as a\nresult of reading or writing outside of array bounds. Remote code execution\ncannot easily be ruled out.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "SSL_select_next_proto buffer overread"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5535](https://nvd.nist.gov/vuln/detail/CVE-2024-5535)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-28882",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-28882](https://nvd.nist.gov/vuln/detail/CVE-2024-28882)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-28882"
},
{
"cve": "CVE-2024-5594",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5594](https://nvd.nist.gov/vuln/detail/CVE-2024-5594)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5594"
},
{
"cve": "CVE-2019-20633",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-20633"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13638](https://nvd.nist.gov/vuln/detail/CVE-2019-13638)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13638"
},
{
"cve": "CVE-2019-13636",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13636](https://nvd.nist.gov/vuln/detail/CVE-2019-13636)",
"title": "Details"
},
{
"category": "description",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13636"
},
{
"cve": "CVE-2018-1000156",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000156](https://nvd.nist.gov/vuln/detail/CVE-2018-1000156)",
"title": "Details"
},
{
"category": "description",
"text": "GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD\u0027s CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000156"
},
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-20969](https://nvd.nist.gov/vuln/detail/CVE-2018-20969)",
"title": "Details"
},
{
"category": "description",
"text": "do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-20969"
},
{
"cve": "CVE-2018-6951",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6951](https://nvd.nist.gov/vuln/detail/CVE-2018-6951)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6951"
},
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6952](https://nvd.nist.gov/vuln/detail/CVE-2018-6952)",
"title": "Details"
},
{
"category": "description",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2024-9341",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9341](https://nvd.nist.gov/vuln/detail/CVE-2024-9341)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.2,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9341"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-27043](https://nvd.nist.gov/vuln/detail/CVE-2023-27043)",
"title": "Details"
},
{
"category": "description",
"text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2024-9287",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9287](https://nvd.nist.gov/vuln/detail/CVE-2024-9287)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9287"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6232](https://nvd.nist.gov/vuln/detail/CVE-2024-6232)",
"title": "Details"
},
{
"category": "description",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6345",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Remote Code Execution in pypa/setuptools"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6345](https://nvd.nist.gov/vuln/detail/CVE-2024-6345)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2024-12084",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12084](https://nvd.nist.gov/vuln/detail/CVE-2024-12084)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12084"
},
{
"cve": "CVE-2024-12085",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12085](https://nvd.nist.gov/vuln/detail/CVE-2024-12085)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12085"
},
{
"cve": "CVE-2024-12086",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12086](https://nvd.nist.gov/vuln/detail/CVE-2024-12086)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client\u0027s machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12086"
},
{
"cve": "CVE-2024-12087",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12087](https://nvd.nist.gov/vuln/detail/CVE-2024-12087)",
"title": "Details"
},
{
"category": "description",
"text": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client\u0027s intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12087"
},
{
"cve": "CVE-2024-12088",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12088](https://nvd.nist.gov/vuln/detail/CVE-2024-12088)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12088"
},
{
"cve": "CVE-2024-12747",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12747](https://nvd.nist.gov/vuln/detail/CVE-2024-12747)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync\u0027s handling of symbolic links. Rsync\u0027s default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.6,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 5.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12747"
},
{
"cve": "CVE-2022-0530",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0530](https://nvd.nist.gov/vuln/detail/CVE-2022-0530)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0529",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0529](https://nvd.nist.gov/vuln/detail/CVE-2022-0529)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0529"
},
{
"cve": "CVE-2021-4217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2021-4217](https://nvd.nist.gov/vuln/detail/CVE-2021-4217)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2018-1000035",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000035](https://nvd.nist.gov/vuln/detail/CVE-2018-1000035)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow exists in Info-Zip UnZip version \u003c= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000035"
},
{
"cve": "CVE-2018-18384",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-18384](https://nvd.nist.gov/vuln/detail/CVE-2018-18384)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-18384"
},
{
"cve": "CVE-2016-9844",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2016-9844](https://nvd.nist.gov/vuln/detail/CVE-2016-9844)",
"title": "Details"
},
{
"category": "description",
"text": "Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2016-9844"
},
{
"cve": "CVE-2019-13232",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13232](https://nvd.nist.gov/vuln/detail/CVE-2019-13232)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a \"better zip bomb\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13232"
},
{
"cve": "CVE-2015-7696",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7696](https://nvd.nist.gov/vuln/detail/CVE-2015-7696)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 6.8,
"integrityImpact": "PARTIAL",
"temporalScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7696"
},
{
"cve": "CVE-2015-7697",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7697](https://nvd.nist.gov/vuln/detail/CVE-2015-7697)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7697"
},
{
"cve": "CVE-2024-38428",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-38428](https://nvd.nist.gov/vuln/detail/CVE-2024-38428)",
"title": "Details"
},
{
"category": "description",
"text": "url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-38428"
},
{
"cve": "CVE-2024-10524",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10524](https://nvd.nist.gov/vuln/detail/CVE-2024-10524)",
"title": "Details"
},
{
"category": "description",
"text": "Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10524"
}
]
}
FKIE_CVE-2019-13638
Vulnerability from fkie_nvd - Published: 2019-07-26 13:15 - Updated: 2024-11-21 04:25
Severity ?
Summary
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2798 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2964 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3757 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3758 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:4061 | ||
| cve@mitre.org | https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 | Mailing List, Patch, Vendor Advisory | |
| cve@mitre.org | https://github.com/irsl/gnu-patch-vulnerabilities | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/ | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Aug/29 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jul/54 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2019-13638 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201908-22 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190828-0001/ | ||
| cve@mitre.org | https://www.debian.org/security/2019/dsa-4489 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2798 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2964 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3757 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:4061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 | Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/irsl/gnu-patch-vulnerabilities | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/29 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jul/54 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2019-13638 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-22 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190828-0001/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4489 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | patch | 2.7.6 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:patch:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "050A9139-DC81-4789-8FD9-A6EBFB8ED6E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
},
{
"lang": "es",
"value": "RouterOS de Mikrotik anterior a versi\u00f3n 6.44.5 (\u00e1rbol de actualizaciones a largo plazo) es vulnerable al agotamiento de la memoria. Mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada, un atacante remoto autenticado puede bloquear el servidor HTTP y, en algunas circunstancias, reiniciar el sistema. El c\u00f3digo no puede ser inyectado."
}
],
"id": "CVE-2019-13638",
"lastModified": "2024-11-21T04:25:25.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-26T13:15:12.783",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:4061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/irsl/gnu-patch-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-13638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201908-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190828-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4489"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
MSRC_CVE-2019-13638
Vulnerability from csaf_microsoft - Published: 2019-07-02 00:00 - Updated: 2024-06-30 07:00Summary
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-13638.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"tracking": {
"current_release_date": "2024-06-30T07:00:00.000Z",
"generator": {
"date": "2025-10-19T17:44:23.552Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2019-13638",
"initial_release_date": "2019-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2020-09-25T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2021-12-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added patch to CBL-Mariner 2.0"
},
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "16817"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 patch 2.7.6-7",
"product": {
"name": "\u003ccm1 patch 2.7.6-7",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cm1 patch 2.7.6-7",
"product": {
"name": "cm1 patch 2.7.6-7",
"product_id": "16925"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 patch 2.7.6-7",
"product": {
"name": "\u003ccbl2 patch 2.7.6-7",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 patch 2.7.6-7",
"product": {
"name": "cbl2 patch 2.7.6-7",
"product_id": "16926"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 patch 2.7.6-9",
"product": {
"name": "\u003cazl3 patch 2.7.6-9",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 patch 2.7.6-9",
"product": {
"name": "azl3 patch 2.7.6-9",
"product_id": "16927"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 patch 2.7.6-9",
"product": {
"name": "\u003cazl3 patch 2.7.6-9",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 patch 2.7.6-9",
"product": {
"name": "azl3 patch 2.7.6-9",
"product_id": "16927"
}
}
],
"category": "product_name",
"name": "patch"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 patch 2.7.6-7 as a component of CBL Mariner 1.0",
"product_id": "16820-4"
},
"product_reference": "4",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 patch 2.7.6-7 as a component of CBL Mariner 1.0",
"product_id": "16925-16820"
},
"product_reference": "16925",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 patch 2.7.6-7 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 patch 2.7.6-7 as a component of CBL Mariner 2.0",
"product_id": "16926-17086"
},
"product_reference": "16926",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16817-1"
},
"product_reference": "1",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16927-16817"
},
"product_reference": "16927",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16927-17084"
},
"product_reference": "16927",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16925-16820",
"16926-17086",
"16927-16817",
"16927-17084"
],
"known_affected": [
"16820-4",
"17086-3",
"16817-1",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-13638 GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-13638.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-25T00:00:00.000Z",
"details": "2.7.6-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-4",
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2020-09-25T00:00:00.000Z",
"details": "2.7.6-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16817-1",
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-4",
"17086-3",
"16817-1",
"17084-2"
]
}
],
"title": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156."
}
]
}
cleanstart-2026-na21773
Vulnerability from cleanstart
Published
2026-03-04 00:42
Modified
2026-03-03 12:59
Summary
GNU patch through 2
Details
Multiple security vulnerabilities affect the patch package. GNU patch through 2. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "patch"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.7.6-r7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the patch package. GNU patch through 2. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NA21773",
"modified": "2026-03-03T12:59:01Z",
"published": "2026-03-04T00:42:01.122309Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NA21773.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-13636"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-13638"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-20633"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13636"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20633"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "GNU patch through 2",
"upstream": [
"CVE-2019-13636",
"CVE-2019-13638",
"CVE-2019-20633"
]
}
CNVD-2019-29134
Vulnerability from cnvd - Published: 2019-08-28
VLAI Severity ?
Title
GNU patch代码执行漏洞
Description
GNU patch是GNU计划的一套用于生成补丁文件的工具。
GNU patch 2.7.5-1+deb8u3版本中存在安全漏洞。攻击者可利用该漏洞执行代码。
Severity
高
Patch Name
GNU patch代码执行漏洞 的补丁
Patch Description
GNU patch是GNU计划的一套用于生成补丁文件的工具。
GNU patch 2.7.5-1+deb8u3版本中存在安全漏洞。攻击者可利用该漏洞执行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Impacted products
| Name | GNU GNU 2.7.5-1+deb8u3 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-13638"
}
},
"description": "GNU patch\u662fGNU\u8ba1\u5212\u7684\u4e00\u5957\u7528\u4e8e\u751f\u6210\u8865\u4e01\u6587\u4ef6\u7684\u5de5\u5177\u3002\n\nGNU patch 2.7.5-1+deb8u3\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
"discovererName": "unknwon",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-29134",
"openTime": "2019-08-28",
"patchDescription": "GNU patch\u662fGNU\u8ba1\u5212\u7684\u4e00\u5957\u7528\u4e8e\u751f\u6210\u8865\u4e01\u6587\u4ef6\u7684\u5de5\u5177\u3002\r\n\r\nGNU patch 2.7.5-1+deb8u3\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "GNU patch\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e \u7684\u8865\u4e01",
"products": {
"product": "GNU GNU 2.7.5-1+deb8u3"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-13638",
"serverity": "\u9ad8",
"submitTime": "2019-07-29",
"title": "GNU patch\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…