CVE-2008-3546

Publication date 7 August 2008

Last updated 24 July 2024

Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-723-1
Git vulnerabilities
18 February 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2008-3546