Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

CVE-2026-56288: CWE-476 NULL Pointer Dereference in GNU patch

0
Medium
VulnerabilityCVE-2026-56288cvecve-2026-56288cwe-476
Published: 07/09/2026 (07/09/2026, 09:29:07 UTC)
Source: CVE Database V5
Vendor/Project: GNU
Product: patch

Description

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk (single block of changes in diff) data structures, causing the application to pass a NULL pointer to fwrite() during patch processing. An attacker can trigger this condition with a malicious patch file, causing the utility to crash and resulting in a denial of service. This issue has been fixed in the commit e6d6a4e021660679d7fc9150f981d4920f722313

CVSS v4.0

Score 4.6medium

Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
Active
Vuln. Confidentiality
None
Vuln. Integrity
None
Vuln. Availability
Low
Subsq. Confidentiality
None
Subsq. Integrity
None
Subsq. Availability
None
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/09/2026, 10:48:59 UTC

Technical Analysis

CVE-2026-56288 is a NULL pointer dereference vulnerability in GNU patch triggered by maliciously crafted unified-diff patch files. The vulnerability arises from improper handling of consecutive end-of-file newline markers, corrupting internal hunk data structures and causing a NULL pointer to be passed to fwrite() during patch processing. This leads to a crash and denial of service. The issue has been addressed and fixed in commit e6d6a4e021660679d7fc9150f981d4920f722313.

Potential Impact

An attacker can cause the GNU patch utility to crash by supplying a specially crafted patch file, resulting in denial of service. There is no indication of code execution or data corruption beyond the crash. No known exploits are reported in the wild.

Mitigation Recommendations

A fix for this vulnerability is available and has been committed (commit e6d6a4e021660679d7fc9150f981d4920f722313). Users should update GNU patch to the fixed version containing this commit. Patch status is not explicitly confirmed in the advisory; therefore, verify the vendor advisory or source repository for the fixed version and apply the update accordingly.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Data Version
5.2
Assigner Short Name
CERT-PL
Date Reserved
2026-06-20T10:58:09.261Z
Cvss Version
4.0
State
PUBLISHED
Remediation Level
null

Threat ID: 6a4f797f68715ace432894f4

Added to database: 07/09/2026, 10:35:43 UTC

Last enriched: 07/09/2026, 10:48:59 UTC

Last updated: 07/10/2026, 03:36:19 UTC

Views: 7

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses