Buffer overflow in 'wincred' credential helper
Package
No package listed
Affected versions
v2.50.0, v2.49.0, v2.48.0–v2.48.1, v2.47.0–v2.47.2, v2.46.0–v2.46.3, v2.45.0–v2.45.3, v2.44.0–v2.44.3, v2.43.6 and prior
Patched versions
>= v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1
Impact
The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows.
Workarounds
Upgrade to the latest Git version(s), or avoid using the wincred helper in the meantime if upgrading is not possible.
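
To illustrate the Impact description, the following added example (not Git's code and not the project's fix) shows a bounded append for a static wide-character key buffer: the count passed to wcsncat() is the space remaining, and a component that does not fit is rejected rather than truncated. The names append_bounded, build_key and KEY_CAP, the 32-element capacity and the key layout are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

#define KEY_CAP 32            /* assumed capacity, in wchar_t units incl. NUL */
static wchar_t key[KEY_CAP];  /* static key buffer, as in the advisory */

/*
 * wcsncat(dst, src, n) copies at most n characters of src and then writes a
 * terminator; n says nothing about the size of dst. The count must therefore
 * be the space still free in dst, not the total capacity.
 *
 * Returns 0 on success, -1 if dst is unterminated or src does not fit whole.
 */
static int append_bounded(wchar_t *dst, size_t cap, const wchar_t *src)
{
    size_t used = 0;

    while (used < cap && dst[used] != L'\0')
        used++;
    if (used == cap)
        return -1;                       /* no terminator inside the buffer */
    if (wcslen(src) > cap - used - 1)
        return -1;                       /* reject instead of truncating */
    wcsncat(dst, src, cap - used - 1);   /* count = remaining space */
    return 0;
}

/* Build "git:<scheme>://<host>" (constructed layout). 0 on success, -1 if too long. */
static int build_key(const wchar_t *scheme, const wchar_t *host)
{
    key[0] = L'\0';
    if (append_bounded(key, KEY_CAP, L"git:") ||
        append_bounded(key, KEY_CAP, scheme) ||
        append_bounded(key, KEY_CAP, L"://") ||
        append_bounded(key, KEY_CAP, host)) {
        key[0] = L'\0';   /* a partial key must never be stored or compared */
        return -1;
    }
    return 0;
}

int main(void)
{
    /* constructed sample inputs */
    printf("short host: %d\n", build_key(L"https", L"example.com"));
    printf("long host:  %d\n",
           build_key(L"https", L"a-host-name-that-is-far-too-long.example.com"));
    return 0;
}
```

Rejecting an oversized component matters here because the buffer is used as a lookup key: a silently truncated key could compare equal to a different entry.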