CVE-2024-24577

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution. There is an issue in the `has_dir_name` function in `src/libgit2/index.c`, which frees an entry that should not be freed. The freed entry is later used and overwritten with potentially bad actor-controlled data leading to controlled heap corruption. Depending on the application that uses libgit2, this could lead to arbitrary code execution. This issue has been patched in version 1.6.5 and 1.7.2.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/libgit2/libgit2/releases/tag/v1.6.5	Release Notes
https://github.com/libgit2/libgit2/releases/tag/v1.7.2	Release Notes
https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:libgit2:libgit2::::::::
	cpe:2.3:a:libgit2:libgit2::::::::

History

27 Feb 2024, 10:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html -

22 Feb 2024, 04:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/ -

20 Feb 2024, 03:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/ -

17 Feb 2024, 02:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/ -

15 Feb 2024, 14:54

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.6~~	v2 : unknown v3 : 9.8
References	~~() https://github.com/libgit2/libgit2/releases/tag/v1.6.5 -~~	() https://github.com/libgit2/libgit2/releases/tag/v1.6.5 - Release Notes
References	~~() https://github.com/libgit2/libgit2/releases/tag/v1.7.2 -~~	() https://github.com/libgit2/libgit2/releases/tag/v1.7.2 - Release Notes
References	~~() https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8 -~~	() https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8 - Third Party Advisory
CWE		CWE-119
First Time		Libgit2 libgit2 Libgit2
CPE		cpe:2.3:a:libgit2:libgit2::::::::
Summary		(es) libgit2 es una implementación C portátil de los métodos principales de Git proporcionada como una librería vinculable con una API sólida, que permite incorporar la funcionalidad de Git en su aplicación. El uso de entradas bien manipuladas para `git_index_add` puede provocar daños en el almacenamiento dinámico que podrían aprovecharse para la ejecución de código arbitrario. Hay un problema en la función `has_dir_name` en `src/libgit2/index.c`, que libera una entrada que no debería liberarse. La entrada liberada se utiliza posteriormente y se sobrescribe con datos controlados por actores potencialmente malos, lo que conduce a una corrupción controlada de almacenamiento dinámico. Dependiendo de la aplicación que utilice libgit2, esto podría provocar la ejecución de código arbitrario. Este problema se solucionó en las versiones 1.6.5 y 1.7.2.

06 Feb 2024, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-06 22:16

Updated : 2024-02-27 10:15

NVD link : CVE-2024-24577

Mitre link : CVE-2024-24577

CVE.ORG link : CVE-2024-24577

JSON object : View

Products Affected

libgit2

libgit2

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-122

Heap-based Buffer Overflow

9.8 /10