CVE-2016-2315
git: path_name() integer truncation and overflow leading to buffer overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
revision.c en git en versiones anteriores a 2.7.4 utiliza un tipo de datos de entero incorrecto, lo que permite a atacantes remotos ejecutar código arbitrario a través de un (1) nombre de archivo grande o (2) muchos árboles anidados, dando lugar a un desbordamiento de buffer basado en memoria dinámica.
An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-02-11 CVE Reserved
- 2016-03-16 CVE Published
- 2024-05-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-194: Unexpected Sign Extension
CAPEC
References (27)
URL | Tag | Source |
---|---|---|
http://pastebin.com/UX2P2jjg | Third Party Advisory | |
http://www.openwall.com/lists/oss-security/2016/03/15/5 | Mailing List | |
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | Third Party Advisory | |
http://www.securityfocus.com/bid/84355 | Third Party Advisory | |
http://www.securitytracker.com/id/1035290 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305 | 2023-06-21 | |
https://github.com/git/git/commit/de1e67d0703894cb6ea782e36abb63976ab07e60 | 2023-06-21 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Suse Search vendor "Suse" | Linux Enterprise Debuginfo Search vendor "Suse" for product "Linux Enterprise Debuginfo" | 11 Search vendor "Suse" for product "Linux Enterprise Debuginfo" and version "11" | sp4 |
Affected
| ||||||
Suse Search vendor "Suse" | Openstack Cloud Search vendor "Suse" for product "Openstack Cloud" | 5 Search vendor "Suse" for product "Openstack Cloud" and version "5" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.1 Search vendor "Opensuse" for product "Leap" and version "42.1" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp1 |
Affected
| ||||||
Suse Search vendor "Suse" | Linux Enterprise Software Development Kit Search vendor "Suse" for product "Linux Enterprise Software Development Kit" | 11 Search vendor "Suse" for product "Linux Enterprise Software Development Kit" and version "11" | sp4 |
Affected
| ||||||
Suse Search vendor "Suse" | Linux Enterprise Software Development Kit Search vendor "Suse" for product "Linux Enterprise Software Development Kit" | 12 Search vendor "Suse" for product "Linux Enterprise Software Development Kit" and version "12" | - |
Affected
| ||||||
Suse Search vendor "Suse" | Linux Enterprise Software Development Kit Search vendor "Suse" for product "Linux Enterprise Software Development Kit" | 12 Search vendor "Suse" for product "Linux Enterprise Software Development Kit" and version "12" | sp1 |
Affected
| ||||||
Suse Search vendor "Suse" | Suse Linux Enterprise Server Search vendor "Suse" for product "Suse Linux Enterprise Server" | 12 Search vendor "Suse" for product "Suse Linux Enterprise Server" and version "12" | - |
Affected
| ||||||
Git-scm Search vendor "Git-scm" | Git Search vendor "Git-scm" for product "Git" | 2.7.3 Search vendor "Git-scm" for product "Git" and version "2.7.3" | - |
Affected
|