CVE Vulnerabilities

CVE-2014-9637

Published: Aug 25, 2017 | Modified: Aug 30, 2017

CVSS 3.x

5.5

MEDIUM

Source:

NVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS 2.x

7.1 HIGH

RedHat/V2

2.1 LOW

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9637
CWE	https://cwe.mitre.org/data/definitions/399.html

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

Affected Software

Name	Vendor	Start Version	End Version
Fedora	Fedoraproject	20	20
Fedora	Fedoraproject	21	21
Patch	Ubuntu	devel	*
Patch	Ubuntu	precise	*
Patch	Ubuntu	trusty	*
Patch	Ubuntu	trusty/esm	*
Patch	Ubuntu	upstream	*
Patch	Ubuntu	utopic	*
Patch	Ubuntu	vivid	*

References

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2023 Aqua Security Software Ltd. Privacy Policy | Terms of Use