Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0448
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0448)
Summary:	The remote host is missing an update for the 'patch' package(s) announced via the MGASA-2018-0448 advisory.
Description:	Summary: The remote host is missing an update for the 'patch' package(s) announced via the MGASA-2018-0448 advisory. Vulnerability Insight: A NULL pointer dereference flaw was found in the way patch processed patch files. An attacker could potentially use this flaw to crash patch by tricking it into processing crafted patches (CVE-2018-6951). A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches (CVE-2018-6952). Affected Software/OS: 'patch' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-6951 BugTraq ID: 103044 http://www.securityfocus.com/bid/103044 https://security.gentoo.org/glsa/201904-17 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a https://savannah.gnu.org/bugs/index.php?53132 https://usn.ubuntu.com/3624-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-6952 BugTraq ID: 103047 http://www.securityfocus.com/bid/103047 https://savannah.gnu.org/bugs/index.php?53133 RedHat Security Advisories: RHSA-2019:2033 https://access.redhat.com/errata/RHSA-2019:2033
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.