Hanno

**Name of the Vulnerable Software and Affected Versions** GNU patch versions through 2.7.6 **Description** A double free issue exists in the `another hunk` function in `pch.c`, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For GNU patch versions through 2.7.6, update to a version later than 2.7.6 to resolve the issue. At the moment, there is no information about other specific fixes for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU patch versions prior to 2.7.7 **Description** The issue is related to a segmentation fault and a NULL pointer dereference in the `intuit diff type()` function in `pch.c`, which can lead to a denial of service. This is also referred to as a "mangled rename" issue. The vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For GNU patch versions prior to 2.7.7, update to version 2.7.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `intuit diff type()` function in `pch.c` to minimize the risk of exploitation.