CLD-417 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s): git
Deficiency Type: SECURITY
Date Created: 2018-05-29 21:54:14
Date Last Modified: 2018-05-30 17:59:42
Version Specific Information:
Cucumber 1.0 i686: fixed in git-2.13.7-i686-1
Cucumber 1.0 x86_64: fixed in git-2.13.7-x86_64-1
Cucumber 1.1 i686: fixed in git-2.13.7-i686-1
Cucumber 1.1 x86_64: fixed in git-2.13.7-x86_64-1
Details:
=================================== Overview ===================================
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before
2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can
result in reading out-of-bounds memory.
================================ Initial Report ================================
From https://lkml.org/lkml/2018/5/29/889:
* It was possible to trick the code that sanity-checks paths on NTFS
into reading random piece of memory (CVE-2018-11233).
================================= Our Analysis =================================
----- Affected Products -----
Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before
2.16.4, and 2.17.x before 2.17.1 are vulnerable. All versions on branches prior
to 2.13.x are also vulnerable. This includes git as originally packaged in Cucumber
Linux 1.0 and 1.1.
----- Scope and Impact of this Vulnerability -----
Allows for an arbitrary memory read when using git on an NTFS filesystem.
----- Fix for this Vulnerability -----
This vulnerability can be fixed by upgrading to one of the following versions of git:
v2.13.7, v2.14.4, v2.15.2, v2.16.4 or v2.17.1.
We have not been able to find patches for older versions of git.
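The affected ranges above are branch-specific, so a plain "is it older than 2.17.1" check would misclassify a patched 2.13.7 or 2.14.4 as vulnerable. The following Python script is an added example (not part of this advisory or of git) that encodes exactly the ranges listed here: any branch before 2.13.x is vulnerable with no fix available, each of 2.13.x through 2.17.x is fixed at the stated patch level, and branches not listed (2.18 and later) are treated as not affected. The function and variable names are the example's own.

```python
import re
import subprocess

# Fixed version per release branch, taken from the advisory text above.
FIXED_PER_BRANCH = {
    (2, 13): (2, 13, 7),
    (2, 14): (2, 14, 4),
    (2, 15): (2, 15, 2),
    (2, 16): (2, 16, 4),
    (2, 17): (2, 17, 1),
}
OLDEST_FIXED_BRANCH = (2, 13)


def parse_git_version(text):
    """Extract (major, minor, patch) from a string such as 'git version 2.13.6'
    (the output format of 'git --version') or a bare '2.17.1'.
    Suffixes such as '.rc0' or '.windows.1' after the patch number are ignored."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no x.y.z version found in %r" % text)
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version):
    """Return True if 'version' (a (major, minor, patch) tuple) falls inside a
    range this advisory lists as vulnerable to CVE-2018-11233."""
    branch = version[:2]
    if branch < OLDEST_FIXED_BRANCH:
        # Every branch before 2.13.x is vulnerable and has no fixed release.
        return True
    if branch in FIXED_PER_BRANCH:
        # Same branch: vulnerable only below the branch's fixed patch level.
        return version < FIXED_PER_BRANCH[branch]
    # Branches newer than 2.17.x are not listed as affected.
    return False


def installed_git_vulnerable():
    """Run 'git --version' on this host and classify the result.
    Returns None if git is not installed or its version cannot be parsed."""
    try:
        out = subprocess.run(["git", "--version"], capture_output=True,
                             text=True, check=True).stdout
        return is_vulnerable(parse_git_version(out))
    except (OSError, subprocess.CalledProcessError, ValueError):
        return None


if __name__ == "__main__":
    # Constructed sample inputs, one per interesting boundary.
    for sample in ["git version 2.9.5", "git version 2.13.6",
                   "git version 2.13.7", "git version 2.17.0",
                   "git version 2.18.0"]:
        v = parse_git_version(sample)
        print("%-22s -> %s" % (sample, "VULNERABLE" if is_vulnerable(v) else "fixed"))
    print("installed git vulnerable:", installed_git_vulnerable())
```

The branch-aware comparison is the point: 2.13.7 is older than 2.14.0 yet fixed, while 2.14.3 is newer yet vulnerable, which is why the check keys on the (major, minor) branch before comparing the patch level.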
================================= Our Solution =================================
We have upgraded to git 2.13.7 on Cucumber Linux 1.0 and 1.1. We have upgraded
only to version 2.13.7 of git because that is the oldest branch that the fixes
are available for. Upgrading to a newer branch has the potential to break more
stuff, so we will make as small a version jump as possible.