CVE-2024-25817 – eza

Package

Manager: cargo
Name: eza
Vulnerable Version: >=0 <0.18.2

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

EPSS: 0.0008 pctl0.24453

Details

eza Potential Heap Overflow Vulnerability for AArch64 ### Summary In `eza`, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on `ubuntu-raspi` kernel, relating to the `.git` directory. ### Details The vulnerability seems to be triggered by the `.git` directory in some projects. This issue may be related to specific files, and the directory structure also plays a role in triggering the vulnerability. Files/folders that may be involved in triggering the vulnerability include `.git/HEAD`, `.git/refs`, and `.git/objects`. As @polly pointed out to me, this is likely caused by [GHSA-j2v7-4f6v-gpg8](https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8), which we do seem to use currently. ### PoC For more information check @CuB3y0nd's blogpost [blog](https://www.cubeyond.net/blog/eza-cve-report). ### Impact Arbitrary code execution.

Metadata

Created: 2024-02-08T18:47:28Z
Modified: 2024-03-06T15:34:20Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3qx3-6hxr-j2ch/GHSA-3qx3-6hxr-j2ch.json
CWE IDs: []
Alternative ID: GHSA-3qx3-6hxr-j2ch
Finding: F111
Auto approve: 1