CVE-2020-12279

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.

References

Affected packages

Git / github.com/libgit2/libgit2

Affected ranges

Type: GIT
Repo: https://github.com/libgit2/libgit2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

106a5f27586504ea371528191f0ea3aac2ad432b

Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

172239021f7ba04fe7327647b213799853a9eb89

Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

64c612cc3e25eff5fb02c59ef5a66ba7a14751e4

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.14.0

v0.15.0

v0.16.0

v0.17.0

v0.18.0

v0.19.0

v0.2.0

v0.20.0

v0.21.0

v0.21.0-rc1

v0.21.0-rc2

v0.22.0

v0.22.0-rc1

v0.22.0-rc2

v0.23.0

v0.23.0-rc1

v0.23.0-rc2

v0.24.0

v0.24.0-rc1

v0.24.4

v0.25.0

v0.25.0-rc1

v0.25.0-rc2

v0.25.1

v0.26.0

v0.26.0-rc1

v0.26.0-rc2

v0.27.0

v0.27.0-rc1

v0.27.0-rc2

v0.27.0-rc3

v0.28.0

v0.28.0-rc1

v0.28.1

v0.28.2

v0.28.3

v0.3.0

v0.8.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-12279.json"

vanir_signatures

[
    {
        "digest": {
            "function_hash": "54554569915003734768761110712720175172",
            "length": 109.0
        },
        "signature_version": "v1",
        "target": {
            "file": "tests/checkout/nasty.c",
            "function": "test_checkout_nasty__git_tilde1"
        },
        "signature_type": "Function",
        "id": "CVE-2020-12279-18c21614",
        "source": "https://github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "34151097703912068279059189515774524754",
                "640971338307182747042490539310138101",
                "261090504824042527251622828911835319539",
                "190820267254834495437436494656192599698",
                "109452042279548290592481542638704603152",
                "183873679057880809488074463187073290050"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "tests/checkout/nasty.c"
        },
        "signature_type": "Line",
        "id": "CVE-2020-12279-577666bb",
        "source": "https://github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "270919345757994032373988505154932358300",
            "length": 636.0
        },
        "signature_version": "v1",
        "target": {
            "file": "src/checkout.c",
            "function": "checkout_verify_paths"
        },
        "signature_type": "Function",
        "id": "CVE-2020-12279-9b82710e",
        "source": "https://github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "91163887863019740474463251087811095055",
                "163293920236655175007224761102751500986",
                "304947559022233408970519915295579978259",
                "337098278619693989970552484739974126394"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "src/checkout.c"
        },
        "signature_type": "Line",
        "id": "CVE-2020-12279-fa1bf32c",
        "source": "https://github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4",
        "deprecated": false
    }
]