gasilpp.blogg.se - Git windows fix runningsomeoneelse scode vulnerability

GIT WINDOWS FIX RUNNINGSOMEONEELSE SCODE VULNERABILITY PATCH
GIT WINDOWS FIX RUNNINGSOMEONEELSE SCODE VULNERABILITY UPGRADE

This vulnerability may be exploited by using overly-long submodule URLs, which are stored in a user’s $GIT_DIR/config upon initialization. This may be used to achieve arbitrary code execution, via configuration values that specify executables, such as core.pager, core.editor, core.sshCommand, and so on. This can result in arbitrary configuration injection into a user’s $GIT_DIR/config when attempting to rename or remove a malicious configuration section. Git’s implementation used to rename or delete sections of a configuration file contained a logic error that resulted in improperly treating configuration values longer than a fixed length as containing new sections.

GIT WINDOWS FIX RUNNINGSOMEONEELSE SCODE VULNERABILITY PATCH

However, this fix was incomplete: when using git apply -reject to write out rejected hunks from the patch as *.rej files, specially crafted malicious patches can perform controlled content writes at arbitrary locations. In Git 2.39.1, this mechanism was updated to reject patches which themselves created symbolic links and attempted to write beyond them. When applying patches with git apply, Git rejects inputs that attempt to write a file beyond a symbolic link.

GIT WINDOWS FIX RUNNINGSOMEONEELSE SCODE VULNERABILITY UPGRADE

Users fitting any of these descriptions are also encouraged to upgrade immediately. The Windows-specific issues affect users on multi-user machines, users working in Git CMD, and users leveraging the SOCKS5 proxy connect.exe that is included in the Git for Windows distribution. The latter may be used to inject arbitrary configuration settings, which may in turn be used to achieve arbitrary code execution.

The former may be used to perform controlled content writes at arbitrary paths with git apply -reject. To protect against CVE-2023-25652 and CVE-2023-29007, users are encouraged to upgrade immediately. The Git for Windows project released new versions including the fixes for all five of these vulnerabilities. Git was also patched to address additional, Windows-specific vulnerabilities: CVE-2023-25815, CVE-2023-29011, and CVE-2023-29012. Today, the Git project released new versions to address a pair of security vulnerabilities, CVE-2023-25652 and CVE-2023-29007, that affect versions 2.40.0 and older.