Skip to content

update: patch #1102

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
update: patch#1102
Labels
advisorysecurity advisoryadvisory/only-sdkaffects only Flatcar SDKadvisory/upstream-blockedblocked by upstream projectscvss/MEDIUM>= 4 && < 7 assessed CVSSsecuritysecurity concerns
@dongsupark

Description

@dongsupark
dongsupark
opened on Jun 27, 2023

Name: patch
CVEs: CVE-2021-45261
CVSSs: 5.5
Action Needed: TBD

Summary: An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Note, patch is included only in SDK, so not critical.

refmap.gentoo: https://bugs.gentoo.org/829835

Metadata

Assignees

No one assigned

    Labels

    advisorysecurity advisoryadvisory/only-sdkaffects only Flatcar SDKadvisory/upstream-blockedblocked by upstream projectscvss/MEDIUM>= 4 && < 7 assessed CVSSsecuritysecurity concerns

    Type

    No type

    Projects

    Flatcar tactical, release planning, and roadmap

    • Status

      ⏳ Long Term

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions