Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2022-41903 | First vendor Publication | 2023-01-17 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 9.8 | ||
Base Score | 9.8 | Environmental Score | 9.8 |
Impact SubScore | 5.9 | Temporal Score | 9.8 |
Exploitability SubScore | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Exploit Score | N/A | Authentication | N/A |
Detail
Git is a distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is an integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through `git archive` via the `export-subst` mechanism, which expands format specifiers inside of files within the repository during a `git archive`. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose `git archive` via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.
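For triage of untrusted repositories on hosts that cannot be upgraded yet, the following added example (not part of the advisory and not Git's own code) lists the `.gitattributes` patterns that turn on `export-subst`, the attribute through which `git archive` reaches the commit formatting code. The function name, the simplified whitespace-only parsing and the sample input are assumptions made for this example.

```python
"""Added example: find .gitattributes patterns that enable export-subst."""


def export_subst_patterns(attr_text):
    """Return the patterns in one attributes file whose line sets export-subst.

    Covers a plain `export-subst`, the unset (`-`) and unspecified (`!`)
    forms, and macros declared as `[attr]name`. Each line is judged on its
    own, so a hit overridden by a later line is still reported: treat the
    result as candidates for review. Quoted patterns are not handled.
    """
    macros = set()  # macro names that expand to export-subst
    hits = []
    for raw in attr_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        pattern, *attrs = line.split()
        enabled = False
        for attr in attrs:  # this example lets the last mention on a line win
            if attr == "export-subst" or attr in macros:
                enabled = True
            elif attr.lstrip("-!") == "export-subst":
                enabled = False
        if pattern.startswith("[attr]"):
            if enabled:
                macros.add(pattern[len("[attr]"):])
        elif enabled:
            hits.append(pattern)
    return hits


# Constructed sample input, not taken from a real repository.
SAMPLE = """\
# release metadata
[attr]stamp export-subst
VERSION export-subst
*.c -export-subst
docs/*.md stamp
*.bin export-subst=1
build.info export-subst -export-subst
"""

if __name__ == "__main__":
    for pat in export_subst_patterns(SAMPLE):
        print("export-subst enabled for:", pat)
```

Run it on the attributes of the tree that would be archived, since `git archive` by default takes attributes from that tree rather than from the working directory.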
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
Alert History
Date | Information |
---|---|
2024-11-28 14:15:58 | |
2024-08-02 13:41:31 | |
2024-08-02 01:30:46 | |
2024-02-02 02:39:15 | |
2024-02-01 12:28:07 | |
2023-12-27 13:27:46 | |
2023-09-05 13:34:02 | |
2023-09-05 01:27:31 | |
2023-09-02 13:32:12 | |
2023-09-02 01:27:56 | |
2023-08-12 13:39:09 | |
2023-08-12 01:27:13 | |
2023-08-11 13:29:53 | |
2023-08-11 01:28:04 | |
2023-08-06 13:27:28 | |
2023-08-06 01:26:55 | |
2023-08-04 13:27:54 | |
2023-08-04 01:27:16 | |
2023-07-14 13:27:52 | |
2023-07-14 01:26:59 | |
2023-03-29 02:28:22 | |
2023-03-28 12:27:03 | |
2023-01-25 21:27:21 | |
2023-01-18 17:27:17 | |
2023-01-18 05:27:19 | |