CVE-2024-24577 - OpenCVE

Vendors	Products
Libgit2	Libgit2

Link	Resource
https://github.com/libgit2/libgit2/releases/tag/v1.6.5	Release Notes
https://github.com/libgit2/libgit2/releases/tag/v1.7.2	Release Notes
https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2024-24577", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-25T15:09:40.211Z", "datePublished": "2024-02-06T21:36:12.517Z", "dateUpdated": "2024-02-06T21:36:12.517Z"}, "containers": {"cna": {"title": "libgit2 is vulnerable to arbitrary code execution due to heap corruption in `git_index_add`", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8"}, {"name": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5", "tags": ["x_refsource_MISC"], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5"}, {"name": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html"}], "affected": [{"vendor": "libgit2", "product": "libgit2", "versions": [{"version": "< 1.6.5", "status": "affected"}, {"version": ">= 1.7.0, < 1.7.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-06T21:36:12.517Z"}, "descriptions": [{"lang": "en", "value": "libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2."}], "source": {"advisory": "GHSA-j2v7-4f6v-gpg8", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB8F928B-1059-4B60-877B-AAECE739B575", "versionEndExcluding": "1.6.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*", "matchCriteriaId": "E036286C-1FDD-47D7-89BA-5A436B2E72DF", "versionEndExcluding": "1.7.2", "versionStartIncluding": "1.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2."}, {"lang": "es", "value": "libgit2 es una implementaci\u00f3n C port\u00e1til de los m\u00e9todos principales de Git proporcionada como una librer\u00eda vinculable con una API s\u00f3lida, que permite incorporar la funcionalidad de Git en su aplicaci\u00f3n. El uso de entradas bien manipuladas para `git_index_add` puede provocar da\u00f1os en el almacenamiento din\u00e1mico que podr\u00edan aprovecharse para la ejecuci\u00f3n de c\u00f3digo arbitrario. Hay un problema en la funci\u00f3n `has_dir_name` en `src/libgit2/index.c`, que libera una entrada que no deber\u00eda liberarse. La entrada liberada se utiliza posteriormente y se sobrescribe con datos controlados por actores potencialmente malos, lo que conduce a una corrupci\u00f3n controlada de almacenamiento din\u00e1mico. Dependiendo de la aplicaci\u00f3n que utilice libgit2, esto podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Este problema se solucion\u00f3 en las versiones 1.6.5 y 1.7.2."}], "id": "CVE-2024-24577", "lastModified": "2024-02-27T10:15:08.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-02-06T22:16:15.270", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.6.5"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/libgit2/libgit2/releases/tag/v1.7.2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-122"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

JSON object

JSON object

JSON object