Bug 1100613 - (CVE-2018-10887) VUL-0: CVE-2018-10887: libgit2: integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Target Milestone: ---
Assigned To: Security Team bot
URL: https://smash.suse.de/issue/210165/
Whiteboard: CVSSv3:RedHat:CVE-2018-10887:5.3:(AV:...
Reported: 2018-07-09 14:32 UTC by Marcus Meissner
Modified: 2020-04-24 15:10 UTC (History)

Found By: Security Response Team


Description Marcus Meissner 2018-07-09 14:32:06 UTC
rh#1598021

An unexpected sign extension in the git_delta_apply function leads to an integer overflow in the bounds check, allowing it to be bypassed and some bytes before the `base` object to be read. An attacker may use this flaw to get an information leak or cause a Denial of Service.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1598021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10887
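Added illustration of the defect class the description names (this is constructed example code, not libgit2's git_delta_apply or the code from its fix): a copy offset decoded from unsigned char bytes is sign-extended into size_t, after which an `off + len` bounds check wraps and accepts a pointer before the base buffer. The function names, the 64-byte base and the 16-byte copy length are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Buggy decode of a 4-byte little-endian copy offset. Each unsigned char is
 * promoted to int before the shift, so the top byte can yield a negative int,
 * and OR-ing that into size_t sign-extends it. The int32_t cast stands in for
 * that promotion without shifting a 1 into the sign bit (undefined in C). */
static size_t decode_offset_buggy(const unsigned char *p)
{
    size_t off = 0;
    off |= p[0];
    off |= p[1] << 8;
    off |= p[2] << 16;
    off |= (int32_t)((uint32_t)p[3] << 24); /* negative when p[3] >= 0x80 */
    return off;
}

/* Fixed decode: widen each byte to size_t before shifting. */
static size_t decode_offset_fixed(const unsigned char *p)
{
    return (size_t)p[0] | ((size_t)p[1] << 8) |
           ((size_t)p[2] << 16) | ((size_t)p[3] << 24);
}

/* Check in the shape "off + len must not exceed base_len". With off == SIZE_MAX
 * (-1 after sign extension) the sum wraps to len - 1, the check passes, and
 * base + off would point one byte before the base buffer. */
static int copy_allowed_vuln(size_t base_len, size_t off, size_t len)
{
    return off + len <= base_len;
}

/* Overflow-proof form: never add off and len; compare against the remainder. */
static int copy_allowed_safe(size_t base_len, size_t off, size_t len)
{
    return off <= base_len && len <= base_len - off;
}

int main(void)
{
    /* Constructed offset bytes, all 0xFF, as a hostile delta could carry. */
    const unsigned char raw[4] = { 0xff, 0xff, 0xff, 0xff };
    size_t base_len = 64, len = 16;
    size_t bad = decode_offset_buggy(raw), good = decode_offset_fixed(raw);
    printf("buggy off=%#zx vuln=%d safe=%d\n", bad,
           copy_allowed_vuln(base_len, bad, len), copy_allowed_safe(base_len, bad, len));
    printf("fixed off=%#zx vuln=%d safe=%d\n", good,
           copy_allowed_vuln(base_len, good, len), copy_allowed_safe(base_len, good, len));
    return 0;
}
```

On a 64-bit build the buggy decode of the all-0xFF bytes yields SIZE_MAX, the vulnerable check accepts the copy, and the subtraction-based check rejects it; the fixed decode yields 0xFFFFFFFF, which both checks reject against a 64-byte base.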
Comment 2 Andreas Stieger 2018-07-11 07:09:35 UTC
https://build.opensuse.org/request/show/621935
Comment 5 Swamp Workflow Management 2018-08-21 16:09:31 UTC
SUSE-SU-2018:2469-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1095219,1100612,1100613,1104641
CVE References: CVE-2018-10887,CVE-2018-10888,CVE-2018-11235,CVE-2018-15501
Sources used:
SUSE Linux Enterprise Module for Development Tools 15 (src):    libgit2-0.26.6-3.5.2
Comment 6 Swamp Workflow Management 2018-08-24 22:08:23 UTC
openSUSE-SU-2018:2502-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1095219,1100612,1100613,1104641
CVE References: CVE-2018-10887,CVE-2018-10888,CVE-2018-11235,CVE-2018-15501
Sources used:
openSUSE Leap 15.0 (src):    libgit2-0.26.6-lp150.2.3.1
Comment 9 Swamp Workflow Management 2018-10-25 16:13:35 UTC
SUSE-SU-2018:3440-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1085256,1095219,1100612,1100613,1104641
CVE References: CVE-2018-10887,CVE-2018-10888,CVE-2018-11235,CVE-2018-15501,CVE-2018-8099
Sources used:
SUSE Manager Server 3.2 (src):    libgit2-0.24.1-7.6.1
SUSE Manager Server 3.1 (src):    libgit2-0.24.1-7.6.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libgit2-0.24.1-7.6.1
Comment 10 Swamp Workflow Management 2018-10-26 22:24:58 UTC
openSUSE-SU-2018:3519-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1085256,1095219,1100612,1100613,1104641
CVE References: CVE-2018-10887,CVE-2018-10888,CVE-2018-11235,CVE-2018-15501,CVE-2018-8099
Sources used:
openSUSE Leap 42.3 (src):    libgit2-0.24.1-10.3.1
Comment 14 Alexandros Toptsoglou 2020-04-24 15:10:28 UTC
Done