GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

Metrics

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Gnu
  • Patch
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Server
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Eus
  • Enterprise Linux Server Tus
  • Enterprise Linux Workstation
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus

Configuration 1 [-]

cpe:2.3:a:gnu:patch:2.7.6:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
patch-0:2.6-8.el6_9 cpe:/o:redhat:enterprise_linux:6 RHSA-2018:1199 2018-04-23T00:00:00Z
Red Hat Enterprise Linux 6.4 Advanced Update Support
patch-0:2.6-8.el6_4 cpe:/o:redhat:rhel_aus:6.4 RHSA-2018:2097 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
patch-0:2.6-8.el6_5 cpe:/o:redhat:rhel_aus:6.5 RHSA-2018:2096 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
patch-0:2.6-8.el6_6 cpe:/o:redhat:rhel_aus:6.6 RHSA-2018:2095 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 6.6 Telco Extended Update Support
patch-0:2.6-8.el6_6 cpe:/o:redhat:rhel_tus:6.6 RHSA-2018:2095 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
patch-0:2.6-8.el6_7 cpe:/o:redhat:rhel_eus:6.7 RHSA-2018:2094 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 7
patch-0:2.7.1-10.el7_5 cpe:/o:redhat:enterprise_linux:7 RHSA-2018:1200 2018-04-23T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
patch-0:2.7.1-10.el7_2 cpe:/o:redhat:rhel_aus:7.2 RHSA-2018:2093 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
patch-0:2.7.1-10.el7_2 cpe:/o:redhat:rhel_tus:7.2 RHSA-2018:2093 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
patch-0:2.7.1-10.el7_2 cpe:/o:redhat:rhel_e4s:7.2 RHSA-2018:2093 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 7.3 Extended Update Support
patch-0:2.7.1-10.el7_3 cpe:/o:redhat:rhel_eus:7.3 RHSA-2018:2092 2018-06-27T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
patch-0:2.7.1-10.el7_4 cpe:/o:redhat:rhel_eus:7.4 RHSA-2018:2091 2018-06-27T00:00:00Z
References
Link Providers
http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html cve-icon cve-icon
http://rachelbythebay.com/w/2018/04/05/bangpatch/ cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1199 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1200 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2091 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2092 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2093 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2094 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2095 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2096 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2097 cve-icon cve-icon
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 cve-icon
https://savannah.gnu.org/bugs/index.php?53566 cve-icon cve-icon
https://seclists.org/bugtraq/2019/Aug/29 cve-icon cve-icon
https://seclists.org/bugtraq/2019/Jul/54 cve-icon cve-icon
https://security.gentoo.org/glsa/201904-17 cve-icon cve-icon
https://twitter.com/kurtseifried/status/982028968877436928 cve-icon
https://usn.ubuntu.com/3624-1/ cve-icon cve-icon
https://usn.ubuntu.com/3624-2/ cve-icon cve-icon
https://web.archive.org/web/20180405231329/https://twitter.com/kurtseifried/status/982028968877436928 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2018-1000156 cve-icon
History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.42803}

 epss

{'score': 0.43395}

Mon, 14 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-04-06T13:00:00.000Z

Updated: 2025-04-14T19:36:21.263Z

Reserved: 2018-04-06T00:00:00.000Z

Link: CVE-2018-1000156

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-04-06T13:29:00.377

Modified: 2025-04-14T20:15:16.763

Link: CVE-2018-1000156

cve-icon Redhat

Severity : Important

Publid Date: 2018-04-05T00:00:00Z

Links: CVE-2018-1000156 - Bugzilla