Vigil@nce - GNU patch: infinite loop via Nul
February 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious patch file, to generate an
infinite loop in patch, in order to trigger a denial of service.
Impacted products: Fedora, Unix (platform)
Severity: 1/4
Creation date: 05/02/2015
DESCRIPTION OF THE VULNERABILITY
The patch command analyzes a file which indicates modifications to
apply.
The file uses the syntax "--- file" to indicate the source file.
However, if this name contains the character ’\0’, an infinite
loop occurs.
An attacker can therefore create a malicious patch file, to
generate an infinite loop in patch, in order to trigger a denial
of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/GNU-patch-infinite-loop-via-Nul-16111