Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2022-41903 First vendor Publication 2023-01-17
Vendor Cve Last vendor Modification 2023-12-27

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 635

Sources (Detail)

https://security.gentoo.org/glsa/202312-15
Source Url
MISC https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst
https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emlt...
https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76
https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Date Informations
2024-02-02 02:39:15
  • Multiple Updates
2024-02-01 12:28:07
  • Multiple Updates
2023-12-27 13:27:46
  • Multiple Updates
2023-09-05 13:34:02
  • Multiple Updates
2023-09-05 01:27:31
  • Multiple Updates
2023-09-02 13:32:12
  • Multiple Updates
2023-09-02 01:27:56
  • Multiple Updates
2023-08-12 13:39:09
  • Multiple Updates
2023-08-12 01:27:13
  • Multiple Updates
2023-08-11 13:29:53
  • Multiple Updates
2023-08-11 01:28:04
  • Multiple Updates
2023-08-06 13:27:28
  • Multiple Updates
2023-08-06 01:26:55
  • Multiple Updates
2023-08-04 13:27:54
  • Multiple Updates
2023-08-04 01:27:16
  • Multiple Updates
2023-07-14 13:27:52
  • Multiple Updates
2023-07-14 01:26:59
  • Multiple Updates
2023-03-29 02:28:22
  • Multiple Updates
2023-03-28 12:27:03
  • Multiple Updates
2023-01-25 21:27:21
  • Multiple Updates
2023-01-18 17:27:17
  • Multiple Updates
2023-01-18 05:27:19
  • First insertion