FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- shell injection vulnerability in patch(1)

Affected packages
10.1 <= FreeBSD < 10.1_17

Details

VuXML ID 0d090952-600a-11e6-a6c3-14dae9d210b8
Discovery 2015-08-05
Entry 2016-08-11

Problem Description:

Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to pass certain ed(1) scripts to the ed(1) editor, which would run commands.

Impact:

This issue could be exploited to execute arbitrary commands as the user invoking patch(1) against a specically crafted patch file, which could be leveraged to obtain elevated privileges.

References

CVE Name CVE-2015-1418
FreeBSD Advisory SA-15:18.bsdpatch