Git is vulnerable to Remote Code Execution (RCE). The vulnerability exists in the config.c::git_config_copy_or_rename_section_in_file() function. When Git attempts to remove the configuration section associated with a submodule whose URL is longer than 1024 characters, the bug allows an attacker to inject malicious configuration into $GIT_DIR/config. If the injected values specify executables to run, such as core.pager, core.editor, or core.sshCommand, those commands are executed, resulting in remote code execution.
github.com/git/git/blob/9ce9dea4e1c2419cca126d29fa7730baa078a11b/Documentation/RelNotes/2.30.9.txt
github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4
github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844
lists.fedoraproject.org/archives/list/[email protected]/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/
lists.fedoraproject.org/archives/list/[email protected]/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/
lists.fedoraproject.org/archives/list/[email protected]/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
security.gentoo.org/glsa/202312-15