Your submission was sent successfully! Close

CVE-2016-2324

Published: 15 March 2016

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
git
Launchpad, Ubuntu, Debian
precise
Released (1:1.7.9.5-1ubuntu0.3)
trusty Does not exist
(trusty was released [1:1.9.1-1ubuntu0.3])
upstream Needed

wily
Released (1:2.5.0-1ubuntu0.2)