Vulnerability Details CVE-2018-15501
In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406
- https://bugzilla.suse.com/show_bug.cgi?id=1104641
- https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
- https://github.com/libgit2/libgit2/releases/tag/v0.26.6
- https://github.com/libgit2/libgit2/releases/tag/v0.27.4
- https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
- https://www.pro-linux.de/sicherheit/2/44650/denial-of-service-in-libgit2.html
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406
- https://bugzilla.suse.com/show_bug.cgi?id=1104641
- https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
- https://github.com/libgit2/libgit2/releases/tag/v0.26.6
- https://github.com/libgit2/libgit2/releases/tag/v0.27.4
- https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
- https://www.pro-linux.de/sicherheit/2/44650/denial-of-service-in-libgit2.html
Products affected by CVE-2018-15501
-
cpe:2.3:a:libgit2:libgit2:-
-
cpe:2.3:a:libgit2:libgit2:0.1.0
-
cpe:2.3:a:libgit2:libgit2:0.10.0
-
cpe:2.3:a:libgit2:libgit2:0.11.0
-
cpe:2.3:a:libgit2:libgit2:0.12.0
-
cpe:2.3:a:libgit2:libgit2:0.13.0
-
cpe:2.3:a:libgit2:libgit2:0.14.0
-
cpe:2.3:a:libgit2:libgit2:0.15.0
-
cpe:2.3:a:libgit2:libgit2:0.16.0
-
cpe:2.3:a:libgit2:libgit2:0.17.0
-
cpe:2.3:a:libgit2:libgit2:0.18.0
-
cpe:2.3:a:libgit2:libgit2:0.19.0
-
cpe:2.3:a:libgit2:libgit2:0.2.0
-
cpe:2.3:a:libgit2:libgit2:0.20.0
-
cpe:2.3:a:libgit2:libgit2:0.21.0
-
cpe:2.3:a:libgit2:libgit2:0.21.1
-
cpe:2.3:a:libgit2:libgit2:0.21.2
-
cpe:2.3:a:libgit2:libgit2:0.21.3
-
cpe:2.3:a:libgit2:libgit2:0.21.4
-
cpe:2.3:a:libgit2:libgit2:0.21.5
-
cpe:2.3:a:libgit2:libgit2:0.22.0
-
cpe:2.3:a:libgit2:libgit2:0.22.1
-
cpe:2.3:a:libgit2:libgit2:0.22.2
-
cpe:2.3:a:libgit2:libgit2:0.22.3
-
cpe:2.3:a:libgit2:libgit2:0.23.0
-
cpe:2.3:a:libgit2:libgit2:0.23.1
-
cpe:2.3:a:libgit2:libgit2:0.23.2
-
cpe:2.3:a:libgit2:libgit2:0.23.3
-
cpe:2.3:a:libgit2:libgit2:0.23.4
-
cpe:2.3:a:libgit2:libgit2:0.24.0
-
cpe:2.3:a:libgit2:libgit2:0.24.1
-
cpe:2.3:a:libgit2:libgit2:0.24.2
-
cpe:2.3:a:libgit2:libgit2:0.24.3
-
cpe:2.3:a:libgit2:libgit2:0.24.4
-
cpe:2.3:a:libgit2:libgit2:0.24.5
-
cpe:2.3:a:libgit2:libgit2:0.24.6
-
cpe:2.3:a:libgit2:libgit2:0.25.0
-
cpe:2.3:a:libgit2:libgit2:0.25.1
-
cpe:2.3:a:libgit2:libgit2:0.26.0
-
cpe:2.3:a:libgit2:libgit2:0.26.1
-
cpe:2.3:a:libgit2:libgit2:0.26.2
-
cpe:2.3:a:libgit2:libgit2:0.26.3
-
cpe:2.3:a:libgit2:libgit2:0.26.4
-
cpe:2.3:a:libgit2:libgit2:0.26.5
-
cpe:2.3:a:libgit2:libgit2:0.27.0
-
cpe:2.3:a:libgit2:libgit2:0.27.1
-
cpe:2.3:a:libgit2:libgit2:0.27.2
-
cpe:2.3:a:libgit2:libgit2:0.27.3
-
cpe:2.3:a:libgit2:libgit2:0.3.0
-
cpe:2.3:a:libgit2:libgit2:0.8.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0