Vulnerabilities > CVE-2016-8568 - Out-of-bounds Read vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 | |
| OS | 1 | |
| OS | 3 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overread Buffers An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2016-BC51F4636F.NASL description Security fix for CVE-2016-8568, CVE-2016-8569 ---- Update to 0.24.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-10-19 plugin id 94124 published 2016-10-19 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94124 title Fedora 24 : libgit2 (2016-bc51f4636f) NASL family Fedora Local Security Checks NASL id FEDORA_2018-924DA855E1.NASL description Update to 0.26.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120619 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120619 title Fedora 28 : libgit2 (2018-924da855e1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-110.NASL description This update for libgit2 fixes the following issues : - CVE-2016-8568: Fixed and out-of-bounds read in git_oid_nfmt (bsc#1003810). - CVE-2016-8569: DoS using a NULL pointer dereference in git_commit_message (bsc#1003810). last seen 2020-06-05 modified 2017-01-18 plugin id 96582 published 2017-01-18 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96582 title openSUSE Security Update : libgit2 (openSUSE-2017-110) NASL family Fedora Local Security Checks NASL id FEDORA_2018-4FB7CDD27F.NASL description Update to 0.26.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-03-21 plugin id 108497 published 2018-03-21 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108497 title Fedora 27 : libgit2 (2018-4fb7cdd27f) NASL family Fedora Local Security Checks NASL id FEDORA_2016-616A35205B.NASL description Security fix for CVE-2016-8568, CVE-2016-8569 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-10-21 plugin id 94185 published 2016-10-21 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94185 title Fedora 23 : libgit2 (2016-616a35205b) NASL family Fedora Local Security Checks NASL id FEDORA_2016-505D7FE198.NASL description Security fix for CVE-2016-8568, CVE-2016-8569 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-11-15 plugin id 94806 published 2016-11-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94806 title Fedora 25 : libgit2 (2016-505d7fe198) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-121.NASL description This update for libgit2 fixes the following issues : - CVE-2016-8568: Fixed and out-of-bounds read in git_oid_nfmt (bsc#1003810). - CVE-2016-8569: DoS using a NULL pointer dereference in git_commit_message (bsc#1003810). last seen 2020-06-05 modified 2017-01-20 plugin id 96647 published 2017-01-20 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96647 title openSUSE Security Update : libgit2 (openSUSE-2017-121) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-1450.NASL description libgit2 was updated to fix two security issues. These security issues were fixed : - CVE-2016-8568: Read out-of-bounds in git_oid_nfmt (bsc#1003810). - CVE-2016-8569: DoS caused by a NULL pointer dereference in git_commit_message (bsc#1003810). This update was imported from the SUSE:SLE-12-SP2:Update update project. last seen 2020-06-05 modified 2016-12-13 plugin id 95756 published 2016-12-13 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/95756 title openSUSE Security Update : libgit2 (openSUSE-2016-1450)
References
- https://github.com/libgit2/libgit2/releases/tag/v0.24.3
- https://github.com/libgit2/libgit2/issues/3936
- https://bugzilla.redhat.com/show_bug.cgi?id=1383211
- http://www.securityfocus.com/bid/93466
- http://www.openwall.com/lists/oss-security/2016/10/08/7
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00114.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00110.html
- http://lists.opensuse.org/opensuse-updates/2017-01/msg00103.html
- http://lists.opensuse.org/opensuse-updates/2016-12/msg00075.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3JBSNJAXP7JA3TGE2NPNRTD77JXFG4E/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVUEIG6EESZB6BRU2IE3F5NRUEHMAEKC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4E77DG5KGQ7L34U75QY7O6NIPKZNQHQJ/