Description
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
Scores
CVSS v3
5.5
EPSS
0.0020
EPSS Percentile
41.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-763
Status
published
Products (1)
gnu/patch
2.7
Published
Dec 22, 2021
Tracked Since
Feb 18, 2026