CVE-2018-15501

CVE Database · CVE-2018-15501

CVE-2018-15501

· HIGHModified

CVSS v3.1

7.5

EPSS

4.34%

Published

Aug 17, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-125

Affected Products (4)

debian · debian_linuxvulnerable

libgit2 · libgit2 (up to 0.26.6)vulnerable

libgit2 · libgit2 (up to 0.27.4)vulnerable

References (16)

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406

ExploitIssue TrackingPatch

https://bugzilla.suse.com/show_bug.cgi?id=1104641

Issue TrackingPatchThird Party Advisory

https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649

PatchThird Party Advisory

https://github.com/libgit2/libgit2/releases/tag/v0.26.6

Release NotesThird Party Advisory

https://github.com/libgit2/libgit2/releases/tag/v0.27.4

Release Notes

KEV Catalog EPSS Scores Vendors All CVEs