cve-2024-24577
Vulnerability from cvelistv5
Published
2024-02-06 21:36
Modified
2024-08-01 23:19
Severity ?
EPSS score ?
Summary
libgit2 is vulnerable to arbitrary code execution due to heap corruption in `git_index_add`
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:19:52.907Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8" }, { "name": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5" }, { "name": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libgit2", "vendor": "libgit2", "versions": [ { "status": "affected", "version": "\u003c 1.6.5" }, { "status": "affected", "version": "\u003e= 1.7.0, \u003c 1.7.2" } ] } ], "descriptions": [ { "lang": "en", "value": "libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-06T21:36:12.517Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8" }, { "name": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5" }, { "name": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html" } ], "source": { "advisory": "GHSA-j2v7-4f6v-gpg8", "discovery": "UNKNOWN" }, "title": "libgit2 is vulnerable to arbitrary code execution due to heap corruption in `git_index_add`" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-24577", "datePublished": "2024-02-06T21:36:12.517Z", "dateReserved": "2024-01-25T15:09:40.211Z", "dateUpdated": "2024-08-01T23:19:52.907Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-24577\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-06T22:16:15.270\",\"lastModified\":\"2024-02-27T10:15:08.137\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2.\"},{\"lang\":\"es\",\"value\":\"libgit2 es una implementaci\u00f3n C port\u00e1til de los m\u00e9todos principales de Git proporcionada como una librer\u00eda vinculable con una API s\u00f3lida, que permite incorporar la funcionalidad de Git en su aplicaci\u00f3n. El uso de entradas bien manipuladas para `git_index_add` puede provocar da\u00f1os en el almacenamiento din\u00e1mico que podr\u00edan aprovecharse para la ejecuci\u00f3n de c\u00f3digo arbitrario. Hay un problema en la funci\u00f3n `has_dir_name` en `src/libgit2/index.c`, que libera una entrada que no deber\u00eda liberarse. La entrada liberada se utiliza posteriormente y se sobrescribe con datos controlados por actores potencialmente malos, lo que conduce a una corrupci\u00f3n controlada de almacenamiento din\u00e1mico. Dependiendo de la aplicaci\u00f3n que utilice libgit2, esto podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Este problema se solucion\u00f3 en las versiones 1.6.5 y 1.7.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.6.5\",\"matchCriteriaId\":\"AB8F928B-1059-4B60-877B-AAECE739B575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.7.0\",\"versionEndExcluding\":\"1.7.2\",\"matchCriteriaId\":\"E036286C-1FDD-47D7-89BA-5A436B2E72DF\"}]}]}],\"references\":[{\"url\":\"https://github.com/libgit2/libgit2/releases/tag/v1.6.5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/libgit2/libgit2/releases/tag/v1.7.2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/\",\"source\":\"security-advisories@github.com\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.