CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score: 7 High (Confidence: High)
CVSS2: 5 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS: 0.001 Low (Percentile: 42.5%)
Issue Overview:
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim’s filesystem within the malicious repository’s working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. (CVE-2023-22490)
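One way to make the `.gitmodules` inspection step repeatable at each layer, as an added example that is not part of the advisory or of Git: it lists every submodule URL and reports those that are not `https://` URLs on a host you already trust. The allowlist policy, the host names and the sample file are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"git.example.com"}  # assumption: hosts your team already trusts
SECTION = re.compile(r'^\[submodule\s+"(.*)"\]$')

# Constructed sample .gitmodules content (not taken from a real repository).
SAMPLE_GITMODULES = """\
[submodule "lib"]
    path = vendor/lib
    url = https://git.example.com/team/lib.git
[submodule "tools"]
    path = tools
    url = ../tools.git
[submodule "mirror"]
    path = third_party/mirror
    url = https://mirror.example.net/mirror.git
"""

def submodule_urls(text):
    """Return {submodule name: url} from the text of a .gitmodules file."""
    urls, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        section = SECTION.match(line)
        if section:
            current = section.group(1)
        elif line.startswith("["):
            current = None  # some other section: ignore its keys
        elif current is not None and "=" in line and line[0] not in "#;":
            key, _, value = line.partition("=")
            if key.strip().lower() == "url":
                urls[current] = value.strip().strip('"')
    return urls

def needs_review(url):
    """True unless the URL is https:// on an allowlisted host."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL: always send to a human
        return True
    return not (parts.scheme == "https" and parts.hostname in TRUSTED_HOSTS)

def review_gitmodules(text):
    """Sorted (name, url) pairs to inspect before running git submodule update."""
    return sorted((name, url) for name, url in submodule_urls(text).items()
                  if needs_review(url))

if __name__ == "__main__":
    for name, url in review_gitmodules(SAMPLE_GITMODULES):
        print(f"review before update: {name} -> {url}")
```

Relative URLs and hosts outside the allowlist are reported rather than rejected, so the final decision stays with the person doing the inspection.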
Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. (CVE-2023-23946)
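The pattern named in the workaround can also be checked mechanically before a patch reaches `git apply`. The following is an added example, not code from the advisory or from Git: it reads a patch's extended headers and reports every path written beneath a symbolic link that the same patch creates, in either order, which is stricter than the wording above. The function names and the headers-only sample patch are constructed for illustration.

```python
import posixpath

SYMLINK_MODE = "120000"  # git's file mode for a symbolic link

# Constructed sample: extended headers only, hunk bodies omitted.
SUSPECT_PATCH = """\
diff --git a/linkdir b/linkdir
new file mode 120000
--- /dev/null
+++ b/linkdir
diff --git a/linkdir/notes.txt b/linkdir/notes.txt
new file mode 100644
--- /dev/null
+++ b/linkdir/notes.txt
"""

def _clean(path, prefixed):
    """Drop surrounding quotes (escapes are not decoded) and the a/ or b/ prefix."""
    path = path.split("\t")[0].strip().strip('"')
    if prefixed and path[:2] in ("a/", "b/"):
        path = path[2:]
    return posixpath.normpath(path)

def parse_patch(text):
    """Return (symlinks_created, paths_written) from a git-format patch."""
    symlinks, written, new_symlink = set(), [], False
    for line in text.splitlines():
        if line.startswith("diff --git "):
            new_symlink = False
        elif line.startswith("new file mode "):
            new_symlink = line.split()[-1] == SYMLINK_MODE
        elif line.startswith("+++ ") and line[4:].strip() != "/dev/null":
            # Every "+++ " line is treated as a header: conservative on purpose.
            path = _clean(line[4:], prefixed=True)
            written.append(path)
            if new_symlink:
                symlinks.add(path)
        elif line.startswith(("rename to ", "copy to ")):
            written.append(_clean(line.split(" ", 2)[2], prefixed=False))
    return symlinks, written

def paths_beyond_symlinks(text):
    """List (path, symlink) pairs where the patch writes below its own symlink."""
    symlinks, written = parse_patch(text)
    return [(path, parent) for path in written
            for parent in (path[:i] for i, c in enumerate(path) if c == "/")
            if parent in symlinks]

if __name__ == "__main__":
    print(paths_beyond_symlinks(SUSPECT_PATCH))
```

A non-empty result is a reason not to apply the patch; `git apply --summary` shows the same file creations and their modes for manual review.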
Affected Packages:
git
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run `yum update git` to update your system.
New Packages:
aarch64:
git-2.39.2-1.amzn2.0.1.aarch64
git-core-2.39.2-1.amzn2.0.1.aarch64
git-credential-libsecret-2.39.2-1.amzn2.0.1.aarch64
git-daemon-2.39.2-1.amzn2.0.1.aarch64
git-debuginfo-2.39.2-1.amzn2.0.1.aarch64
i686:
git-2.39.2-1.amzn2.0.1.i686
git-core-2.39.2-1.amzn2.0.1.i686
git-credential-libsecret-2.39.2-1.amzn2.0.1.i686
git-daemon-2.39.2-1.amzn2.0.1.i686
git-debuginfo-2.39.2-1.amzn2.0.1.i686
noarch:
git-all-2.39.2-1.amzn2.0.1.noarch
git-core-doc-2.39.2-1.amzn2.0.1.noarch
git-cvs-2.39.2-1.amzn2.0.1.noarch
git-email-2.39.2-1.amzn2.0.1.noarch
gitk-2.39.2-1.amzn2.0.1.noarch
gitweb-2.39.2-1.amzn2.0.1.noarch
git-gui-2.39.2-1.amzn2.0.1.noarch
git-instaweb-2.39.2-1.amzn2.0.1.noarch
git-p4-2.39.2-1.amzn2.0.1.noarch
perl-Git-2.39.2-1.amzn2.0.1.noarch
perl-Git-SVN-2.39.2-1.amzn2.0.1.noarch
git-subtree-2.39.2-1.amzn2.0.1.noarch
git-svn-2.39.2-1.amzn2.0.1.noarch
src:
git-2.39.2-1.amzn2.0.1.src
x86_64:
git-2.39.2-1.amzn2.0.1.x86_64
git-core-2.39.2-1.amzn2.0.1.x86_64
git-credential-libsecret-2.39.2-1.amzn2.0.1.x86_64
git-daemon-2.39.2-1.amzn2.0.1.x86_64
git-debuginfo-2.39.2-1.amzn2.0.1.x86_64
Red Hat: CVE-2023-22490, CVE-2023-23946
Mitre: CVE-2023-22490, CVE-2023-23946
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 2 | aarch64 | git | < 2.39.2-1.amzn2.0.1 | git-2.39.2-1.amzn2.0.1.aarch64.rpm |
Amazon Linux | 2 | aarch64 | git-core | < 2.39.2-1.amzn2.0.1 | git-core-2.39.2-1.amzn2.0.1.aarch64.rpm |
Amazon Linux | 2 | aarch64 | git-credential-libsecret | < 2.39.2-1.amzn2.0.1 | git-credential-libsecret-2.39.2-1.amzn2.0.1.aarch64.rpm |
Amazon Linux | 2 | aarch64 | git-daemon | < 2.39.2-1.amzn2.0.1 | git-daemon-2.39.2-1.amzn2.0.1.aarch64.rpm |
Amazon Linux | 2 | aarch64 | git-debuginfo | < 2.39.2-1.amzn2.0.1 | git-debuginfo-2.39.2-1.amzn2.0.1.aarch64.rpm |
Amazon Linux | 2 | i686 | git | < 2.39.2-1.amzn2.0.1 | git-2.39.2-1.amzn2.0.1.i686.rpm |
Amazon Linux | 2 | i686 | git-core | < 2.39.2-1.amzn2.0.1 | git-core-2.39.2-1.amzn2.0.1.i686.rpm |
Amazon Linux | 2 | i686 | git-credential-libsecret | < 2.39.2-1.amzn2.0.1 | git-credential-libsecret-2.39.2-1.amzn2.0.1.i686.rpm |
Amazon Linux | 2 | i686 | git-daemon | < 2.39.2-1.amzn2.0.1 | git-daemon-2.39.2-1.amzn2.0.1.i686.rpm |
Amazon Linux | 2 | i686 | git-debuginfo | < 2.39.2-1.amzn2.0.1 | git-debuginfo-2.39.2-1.amzn2.0.1.i686.rpm |