Buffer overflow in Git-scm Git

CVE-2010-2542

Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.

Vulnerability class: Buffer Overflow

EPSS: 0.017 (82.4th percentile) — read the EPSS interpretation.

Affected products

Git-scm Git
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

43457 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
[oss-security] 20100722 Re: CVE request: git (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Broken Link)
SUSE-SR:2011:004 (vendor-advisory, Third Party Advisory, x_refsource_SUSE)
[oss-security] 20100721 CVE request: git (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
ADV-2011-0464 (Permissions Required, vdb-entry, x_refsource_VUPEN)
41891 (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM)