Your submission was sent successfully! Close

CVE-2016-2315

Published: 16 March 2016

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

Priority

High

CVSS 3 base score: 9.8

Status

Package Release Status
git
Launchpad, Ubuntu, Debian
precise
Released (1:1.7.9.5-1ubuntu0.3)
trusty Does not exist
(trusty was released [1:1.9.1-1ubuntu0.3])
upstream
Released (2.7.0)
wily
Released (1:2.5.0-1ubuntu0.2)