gsd-2018-10887
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2018-10887", "description": "A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.", "id": "GSD-2018-10887", "references": [ "https://www.suse.com/security/cve/CVE-2018-10887.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2018-10887" ], "details": "A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.", "id": "GSD-2018-10887", "modified": "2023-12-13T01:22:41.260004Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2018-07-09T00:00:00", "ID": "CVE-2018-10887", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "libgit2", "version": { "version_data": [ { "version_value": "before version 0.27.3" } ] } } ] }, "vendor_name": "libgit2" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-194-\u003eCWE-190-\u003eCWE-125" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1598021", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598021" }, { "name": "[debian-lts-announce] 20180825 [SECURITY] [DLA 1477-1] libgit2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html" }, { "name": "https://github.com/libgit2/libgit2/releases/tag/v0.27.3", "refsource": "CONFIRM", "url": "https://github.com/libgit2/libgit2/releases/tag/v0.27.3" }, { "name": "https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22", "refsource": "CONFIRM", "url": "https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22" }, { "name": "https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a", "refsource": "CONFIRM", "url": "https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a" }, { "name": "[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c0.27.3", "affected_versions": "All versions before 0.27.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-125", "CWE-190", "CWE-681", "CWE-937" ], "date": "2019-10-09", "description": "A flaw was found in libgit2 which is wrapped by the rugged gem. It has been discovered that an unexpected sign extension in `git_delta_apply` function in `delta.c` file may lead to an integer overflow which in turn leads to an out-of-bound read, which allows reading before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.", "fixed_versions": [ "0.27.4" ], "identifier": "CVE-2018-10887", "identifiers": [ "CVE-2018-10887" ], "not_impacted": "All versions starting from 0.27.3", "package_slug": "gem/rugged", "pubdate": "2018-07-10", "solution": "Upgrade to version 0.27.4 or above.", "title": "Out-of-bounds Read", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-10887", "https://bugzilla.redhat.com/show_bug.cgi?id=1598021" ], "uuid": "b6c8b55d-5c8d-4ec3-8a7c-1d967d5d1d99" }, { "affected_range": "\u003c0.27.3", "affected_versions": "All versions before 0.27.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-125", "CWE-190", "CWE-681", "CWE-937" ], "date": "2019-10-09", "description": "The libgit2 library, which is used by pygit2, is vulnerable to an integer overflow which leads to an out-of-bound read. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.", "fixed_versions": [ "0.27.3" ], "identifier": "CVE-2018-10887", "identifiers": [ "CVE-2018-10887" ], "not_impacted": "All versions starting from 0.27.3", "package_slug": "pypi/pygit2", "pubdate": "2018-07-10", "solution": "Upgrade to version 0.27.3 or above.", "title": "Out-of-bounds Read", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-10887", "https://bugzilla.redhat.com/show_bug.cgi?id=1598021" ], "uuid": "7dd5229d-f9f4-4dbd-9272-cb1aafcad98b" } ] }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*", "matchCriteriaId": "733BF26A-72FB-4851-928E-4F7759FEF8E2", "versionEndExcluding": "0.27.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service." }, { "lang": "es", "value": "Se ha descubierto un problema en versiones anteriores a la 0.27.3 de libgit2. Se ha descubierto que una extensi\u00f3n sign inesperada en la funci\u00f3n git_delta_apply en el archivo delta.c puede conducir a un desbordamiento de enteros que conduce a una lectura fuera de l\u00edmites, lo que le permite leer antes del objeto base. Un atacante podr\u00eda explotar este error para filtrar direcciones de memoria o provocar una denegaci\u00f3n de servicio (DoS)." } ], "id": "CVE-2018-10887", "lastModified": "2024-02-15T20:59:49.467", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-07-10T14:29:00.260", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598021" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Release Notes" ], "url": "https://github.com/libgit2/libgit2/releases/tag/v0.27.3" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" }, { "lang": "en", "value": "CWE-190" }, { "lang": "en", "value": "CWE-681" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-194" } ], "source": "secalert@redhat.com", "type": "Secondary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.