SB2018071206 - Multiple vulnerabilities in libgit2

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Integer overflow (CVE-ID: CVE-2018-10887)

The vulnerability allows a local attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The vulnerability exists due to integer overflow when unexpected sign extension in the git_delta_apply function of the delta.c file. A remote unauthenticated attacker can trigger an out-of-bounds read condition, bypass bounds check and read sensitive memory information or cause the service to crash.

2) Out-of-bounds read (CVE-ID: CVE-2018-10888)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to a missing check in the git_delta_apply function, as defined in the delta.c file. A remote unauthenticated attacker can trick the victim into opening a specially crafted binary delta file, trigger an out-of-bounds read condition and cause the service to crash.

Remediation

Install update from vendor's website.

References

• https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
• https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
• https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3remote