CVE-2018-10887Unexpected Sign Extension in Libgit2

CWE-194Unexpected Sign ExtensionCWE-125Out-of-bounds ReadCWE-190Integer Overflow or WraparoundCWE-681Incorrect Conversion between Numeric Types9 documents6 sources
Severity
8.1HIGHNVD
EPSS
0.3%
top 50.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Libgit2Debian Libgit2Debian Linux
Timeline
PublishedJul 10
Latest updateMay 13

Description

A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.2

Affected Packages4 packages

debiandebian/libgit2< libgit2 0.27.4+dfsg.1-0.1 (bookworm)
NVDlibgit2/libgit2< 0.27.3
Debianlibgit2/libgit2< 0.27.4+dfsg.1-0.1+3
CVEListV5libgit2/libgit2before version 0.27.3

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: bugzilla.redhat.comPatch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-5gcq-g5p3-pjp4: A flaw was found in libgit2 before version 02022-05-13
OSV
CVE-2018-10887: A flaw was found in libgit2 before version 02018-07-10

📋Vendor Advisories

1
Debian
CVE-2018-10887: libgit2 - A flaw was found in libgit2 before version 0.27.3. It has been discovered that a...2018

📐Framework References

3
CWE
Integer Overflow or Wraparound
CWE
Unexpected Sign Extension
CWE
Out-of-bounds Read

💬Community

2
Bugzilla
CVE-2018-10887 libgit2: integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array [fedora-all]2018-07-09
Bugzilla
CVE-2018-10887 libgit2: integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array2018-07-04