CVE-2024-24575

2024-02-0622:16:15

Google

osv.dev

libgit2

cve-2024-24575

denial of service

portable c implementation

git functionality

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to git_revparse_single can cause the function to enter an infinite loop, potentially causing a Denial of Service attack in the calling application. The revparse function in src/libgit2/revparse.c uses a loop to parse the user-provided spec string. There is an edge-case during parsing that allows a bad actor to force the loop conditions to access arbitrary memory. Potentially, this could also leak memory if the extracted rev spec is reflected back to the attacker. As such, libgit2 versions before 1.4.0 are not affected. Users should upgrade to version 1.6.5 or 1.7.2.

CPENameOperatorVersion
libgit2eq0.27.0
libgit2eq0.26.0
libgit2eq0.26.0-rc1
libgit2eq0.23.0-rc2
libgit2eq0.23.0-rc1
libgit2eq0.26.0-rc2
libgit2eq0.27.0-rc2
libgit2eq0.27.0-rc3
libgit2eq0.21.0-rc1
libgit2eq0.22.0-rc1

Name	Operator	Version
libgit2	eq	0.27.0
libgit2	eq	0.26.0
libgit2	eq	0.26.0-rc1
libgit2	eq	0.23.0-rc2
libgit2	eq	0.23.0-rc1
libgit2	eq	0.26.0-rc2
libgit2	eq	0.27.0-rc2
libgit2	eq	0.27.0-rc3
libgit2	eq	0.21.0-rc1
libgit2	eq	0.22.0-rc1