SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libgit2 (SUSE-SU-2024:2584-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2584-1 advisory. Update to 1.7.2: Security fixes: - CVE-2024-24577: Fixed arbitrary code execution due to heap...

libgit2 is vulnerable to a denial of service attack in `git_revparse_single`

...

Denial Of Service( DoS)

libgit2 is vulnerable to Denial of Service DoS. The vulnerability is caused due to improper validation within src/revparse.c. If an attacker is able to provide crafted input to the gitrevparsesingle function, an infinite loop can occur resulting in Denial of Service...

CVE-2024-24575

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

CVE-2024-24575

CVE-2024-24575 and CVE-2024-24577 (libgit2) are confirmed in the provided documents. The issues affect libgit2’s revparse (CVE-2024-24575) and index handling (CVE-2024-24577). Root causes: an edge-case in revparse can cause an infinite loop and potential memory access; and in has_dir_name during ...

CVE-2024-24575 libgit2 is vulnerable to a denial of service attack in `git_revparse_single`

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

CVE-2024-24575

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

CVE-2024-24575

libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially causing a Denial ...

libgit2 Resource Management Error Vulnerability

libgit2 is a portable, C implementation of the Git core development package. A resource management error vulnerability exists in libgit2. An attacker exploiting this vulnerability with a specially crafted "gitrevparsesingle" input could cause the function to enter an infinite loop, which could le...