GHSA-3qx3-6hxr-j2ch

Suggest an improvement
Source
https://github.com/advisories/GHSA-3qx3-6hxr-j2ch
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3qx3-6hxr-j2ch/GHSA-3qx3-6hxr-j2ch.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-3qx3-6hxr-j2ch
Aliases
Published
2024-02-08T18:47:28Z
Modified
2024-03-06T16:12:04.928114Z
Severity
  • 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
eza Potential Heap Overflow Vulnerability for AArch64
Details

Summary

In eza, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on ubuntu-raspi kernel, relating to the .git directory.

Details

The vulnerability seems to be triggered by the .git directory in some projects. This issue may be related to specific files, and the directory structure also plays a role in triggering the vulnerability. Files/folders that may be involved in triggering the vulnerability include .git/HEAD, .git/refs, and .git/objects.

As @polly pointed out to me, this is likely caused by GHSA-j2v7-4f6v-gpg8, which we do seem to use currently.

PoC

For more information check @CuB3y0nd's blogpost blog.

Impact

Arbitrary code execution.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-08T18:47:28Z"
}
References

Affected packages

crates.io / eza

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.18.2