FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-2542

This CVE name corresponds to:

Entered Topic
2010-07-23 git -- buffer overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2010-2542
Phase Assigned (20100630)

Description

Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.

References

Source Reference
MLIST [oss-security] 20100721 CVE request: git
MLIST [oss-security] 20100722 Re: CVE request: git
CONFIRM http://git.kernel.org/?p=git/git.git;a=commit;h=3c9d0414ed2db0167e6c828b547be8fc9f88fccc
CONFIRM http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=618108
SUSE SUSE-SR:2011:004
BID 41891
SECUNIA 43457
VUPEN ADV-2011-0464