Vigil@nce - GNU patch: infinite loop of Line Number
January 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious patch file, to generate an
infinite loop in patch, in order to trigger a denial of service.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 22/01/2015
DESCRIPTION OF THE VULNERABILITY
The patch command analyzes a file which indicates modifications to
apply.
The file uses the "@@ line numbers @@" to indicate lines to
modify, and the size of the modified area. However, if the file
uses a large line number, then a large loop occurs and consumes
all the memory.
An attacker can therefore create a malicious patch file, to
generate an infinite loop in patch, in order to trigger a denial
of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/GNU-patch-infinite-loop-of-Line-Number-16035