GitHub Advisory DatabaseGHSA-3QX3-6HXR-J2CHeza Potential Heap Overflow Vulnerability for AArch64
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
9.0%
Summary
In eza, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on ubuntu-raspi kernel, relating to the .git directory.
Details
The vulnerability seems to be triggered by the .git directory in some projects. This issue may be related to specific files, and the directory structure also plays a role in triggering the vulnerability. Files/folders that may be involved in triggering the vulnerability include .git/HEAD, .git/refs, and .git/objects.
As @polly pointed out to me, this is likely caused by GHSA-j2v7-4f6v-gpg8, which we do seem to use currently.
PoC
For more information check @CuB3y0nd’s blogpost blog.
Impact
Arbitrary code execution.
Affected configurations
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
9.0%