csaf_microsoft - msrc_cve-2024-24575

msrc_cve-2024-24575

Vulnerability from csaf_microsoft

Published

2024-02-02 08:00

Modified

2024-02-16 00:00

Summary

libgit2 is vulnerable to a denial of service attack in `git_revparse_single`

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-24575 libgit2 is vulnerable to a denial of service attack in `git_revparse_single`  - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-24575.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "libgit2 is vulnerable to a denial of service attack in `git_revparse_single` ",
    "tracking": {
      "current_release_date": "2024-02-16T00:00:00.000Z",
      "generator": {
        "date": "2025-10-20T01:03:24.878Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-24575",
      "initial_release_date": "2024-02-02T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-02-16T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              },
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 libgit2 1.6.5-1",
                "product": {
                  "name": "\u003ccbl2 libgit2 1.6.5-1",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 libgit2 1.6.5-1",
                "product": {
                  "name": "cbl2 libgit2 1.6.5-1",
                  "product_id": "17438"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 libgit2 1.4.5-3",
                "product": {
                  "name": "\u003ccbl2 libgit2 1.4.5-3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 libgit2 1.4.5-3",
                "product": {
                  "name": "cbl2 libgit2 1.4.5-3",
                  "product_id": "20007"
                }
              }
            ],
            "category": "product_name",
            "name": "libgit2"
          },
          {
            "category": "product_name",
            "name": "azl3 rust 1.86.0-1",
            "product": {
              "name": "azl3 rust 1.86.0-1",
              "product_id": "2"
            }
          },
          {
            "category": "product_name",
            "name": "azl3 rust 1.75.0-14",
            "product": {
              "name": "azl3 rust 1.75.0-14",
              "product_id": "3"
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 libgit2 1.6.5-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 libgit2 1.6.5-1 as a component of CBL Mariner 2.0",
          "product_id": "17438-17086"
        },
        "product_reference": "17438",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 libgit2 1.4.5-3 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 libgit2 1.4.5-3 as a component of CBL Mariner 2.0",
          "product_id": "20007-17086"
        },
        "product_reference": "20007",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 rust 1.86.0-1 as a component of Azure Linux 3.0",
          "product_id": "17084-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 rust 1.75.0-14 as a component of Azure Linux 3.0",
          "product_id": "17084-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24575",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "flags": [
        {
          "label": "vulnerable_code_not_in_execute_path",
          "product_ids": [
            "17084-2",
            "17084-3"
          ]
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GitHub_M",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "17438-17086",
          "20007-17086"
        ],
        "known_affected": [
          "17086-4",
          "17086-1"
        ],
        "known_not_affected": [
          "17084-2",
          "17084-3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24575 libgit2 is vulnerable to a denial of service attack in `git_revparse_single`  - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-24575.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-16T00:00:00.000Z",
          "details": "1.6.5-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-4",
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "17086-4",
            "17086-1"
          ]
        }
      ],
      "title": "libgit2 is vulnerable to a denial of service attack in `git_revparse_single` "
    }
  ]
}

CVE-2024-24575 (GCVE-0-2024-24575)

Vulnerability from cvelistv5

Published

2024-02-06 21:27

Modified

2025-02-13 17:40

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_revparse_single` can cause the function to enter an infinite loop, potentially causing a Denial of Service attack in the calling application. The revparse function in `src/libgit2/revparse.c` uses a loop to parse the user-provided spec string. There is an edge-case during parsing that allows a bad actor to force the loop conditions to access arbitrary memory. Potentially, this could also leak memory if the extracted rev spec is reflected back to the attacker. As such, libgit2 versions before 1.4.0 are not affected. Users should upgrade to version 1.6.5 or 1.7.2.

References

URL

Tags

	https://github.com/libgit2/libgit2/security/advisories/GHSA-54mf-x2rh-hq9v	x_refsource_CONFIRM
	https://github.com/libgit2/libgit2/commit/add2dabb3c16aa49b33904dcdc07cd915efc12fa	x_refsource_MISC
	https://github.com/libgit2/libgit2/releases/tag/v1.6.5	x_refsource_MISC
	https://github.com/libgit2/libgit2/releases/tag/v1.7.2	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/

Impacted products

	Vendor	Product	Version
	libgit2	libgit2	Version: >= 1.4.0, < 1.6.5 Version: >= 1.7.0, < 1.7.2

Show details on NVD website