Ubuntu
git-core package

[CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change() in git leading to arbitrary code execution

Bug #256617 reported by Till Ulen
256
Affects Status Importance Assigned to Milestone
git-core (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: git-core

CVE-2008-3546 description:

"Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep."

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3546
http://kerneltrap.org/mailarchive/git/2008/7/16/2529284
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt

CVE References

Revision history for this message
Till Ulen (tillulen) wrote :

Adding CVE reference: CVE-2008-3546

Revision history for this message
Anders Kaseorg (andersk) wrote :

See also the sync request for git-core 1:1.5.6.3-1.1 (LP bug 248750).

Anders Kaseorg (andersk)
Changed in git-core:
status: New → Confirmed
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

A fix for this was released:

http://www.ubuntu.com/usn/USN-723-1

Changed in git-core:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.