Launchpad CVE tracker

CVE 2016-8568

The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016100...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://github.com/lib...
CONFIRM: https://github.com/lib...
FEDORA: FEDORA-2016-505d7fe198
FEDORA: FEDORA-2016-616a35205b
FEDORA: FEDORA-2016-bc51f4636f
SUSE: openSUSE-SU-2016:3097
SUSE: openSUSE-SU-2017:0184
SUSE: openSUSE-SU-2017:0195
SUSE: openSUSE-SU-2017:0208
BID: 93466

Launchpad.net

CVE 2016-8568

Related bugs

References