GNU patch pch_write_line Function Denial of Service Vulnerability

By GIXnews


A vulnerability in the pch_write_line function of GNU patch could allow a local attacker to cause a denial of service (DoS) condition on an affected system.

The vulnerability is due to an out-of-bounds access condition in the pch_write_line function, as defined in the pch.c source code file of the affected software. An attacker could exploit this vulnerability by executing a patch file that submits malicious input to the affected system using the patch command. A successful exploit could allow the attacker to cause a DoS condition on the system.

GNU has confirmed the vulnerability and released a software patch.

Security Impact Rating: Medium

CVE: CVE-2016-10713

Source:: Cisco Multivendor Vulnerability Alerts