Buffer Overflow Vulnerability in Git's wincred Credential Helper
CVE-2025-48386
6.3 MEDIUM
What is CVE-2025-48386?
A potential buffer overflow vulnerability exists in the wincred credential helper of Git, affecting its ability to securely manage credentials. The issue stems from inadequate bounds checking on a static buffer used for key storage. When data is appended with the wcsncat() function, the lack of proper validation can result in a buffer overflow, which attackers could exploit to gain unauthorized access or disrupt service. This flaw has been addressed in multiple patched versions of Git.
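The bug class described above, as an added example that is not Git's code: the count passed to `wcsncat()` limits only the characters appended, so passing the buffer's capacity does not bound the total length. The names `KEY_CAP`, `wcsncat_end`, `key_append` and `build_key`, and the sample strings in the comments, are assumptions made for illustration.

```c
/* Illustrative only: names, capacity and inputs are assumptions, not Git's code. */
#include <stddef.h>
#include <wchar.h>

#define KEY_CAP 32  /* assumed capacity of the static key buffer, in wchar_t */

/* Elements that wcsncat(dst, src, n) would occupy from the start of dst,
 * terminator included. n caps only what is appended, not the total, so the
 * result can exceed the buffer even when n equals the buffer's capacity. */
size_t wcsncat_end(const wchar_t *dst, const wchar_t *src, size_t n)
{
    size_t add = wcslen(src);
    if (add > n)
        add = n;
    return wcslen(dst) + add + 1;
}

/* Bounded append: succeeds only if the existing content, src and the
 * terminator all fit in cap elements; otherwise dst is left unchanged. */
int key_append(wchar_t *dst, size_t cap, const wchar_t *src)
{
    size_t used = wcslen(dst);
    size_t add = wcslen(src);
    if (used >= cap || add > cap - used - 1)
        return -1;
    wmemcpy(dst + used, src, add + 1);  /* add + 1 copies the terminator */
    return 0;
}

/* Build "<prefix><host>" in a fixed buffer, e.g. the constructed inputs
 * L"git:https://" and L"example.com". Fails closed: on overflow the key is
 * emptied rather than truncated, so a clipped key is never looked up. */
int build_key(wchar_t *key, size_t cap, const wchar_t *prefix,
              const wchar_t *host)
{
    if (cap == 0)
        return -1;
    key[0] = L'\0';
    if (key_append(key, cap, prefix) != 0 || key_append(key, cap, host) != 0) {
        key[0] = L'\0';
        return -1;
    }
    return 0;
}
```

With `wcsncat()` itself, the safe count is the remaining space, `cap - wcslen(dst) - 1`, checked before the call.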
Affected Version(s)
git < 2.43.7
git >= 2.44.0-rc0, < 2.44.4
git >= 2.45.0-rc0, < 2.45.4