CVE-2023-22490
published 2023-02-14CVE-2023-22490: Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6…
PriorityP427medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
EPSS
0.71%
48.9th percentile
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.
A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | git | < git 1:2.39.2-1 (bookworm) | git 1:2.39.2-1 (bookworm) |
| git-scm | git | < 2.30.8 | 2.30.8 |
| git-scm | git | >= 2.31.0 < 2.31.7 | 2.31.7 |
| git-scm | git | >= 2.32.0 < 2.32.6 | 2.32.6 |
| git-scm | git | >= 2.33.0 < 2.33.7 | 2.33.7 |
| git-scm | git | >= 2.34.0 < 2.34.7 | 2.34.7 |
| git-scm | git | >= 2.35.0 < 2.35.7 | 2.35.7 |
| git-scm | git | >= 2.36.0 < 2.36.5 | 2.36.5 |
| git-scm | git | >= 2.37.0 < 2.37.6 | 2.37.6 |
| git-scm | git | >= 2.38.0 < 2.38.4 | 2.38.4 |
| git-scm | git | >= 2.39.0 < 2.39.2 | 2.39.2 |
| git | git | >= 0 < 2.32.6-r0 | 2.32.6-r0 |
| git | git | >= 0 < 2.34.7-r0 | 2.34.7-r0 |
| git | git | >= 0 < 2.36.5-r0 | 2.36.5-r0 |
| git | git | >= 0 < 2.38.4-r0 | 2.38.4-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 2.39.2-r0 | 2.39.2-r0 |
| git | git | >= 0 < 1:2.30.2-1+deb11u2 | 1:2.30.2-1+deb11u2 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv5.5MEDIUM
vendor_debian5.5MEDIUM
vendor_msrc5.5HIGH
vendor_redhat5.5MEDIUM
vendor_ubuntu5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
git regression
osv·2023-03-02·CVSS 5.5
CVE-2023-22490 [MEDIUM] git regression
git regression
USN-5871-1 fixed vulnerabilities in Git. A backport fixing
part of the vulnerability in CVE-2023-22490 was required.
This update fix this for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Git incorrectly handled certain repositories.
An attacker could use this issue to make Git uses its local
clone optimization even when using a non-local transport.
(CVE-2023-22490)
OSV
CVE-2023-22490: Git is a revision control system
osv·2023-02-14·CVSS 5.5
CVE-2023-22490 [MEDIUM] CVE-2023-22490: Git is a revision control system
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is im
OSV
CVE-2023-22490: Git is a revision control system
osv·2023-02-14·CVSS 5.5
CVE-2023-22490 [MEDIUM] CVE-2023-22490: Git is a revision control system
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.
A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is i
OSV
git vulnerabilities
osv·2023-02-14·CVSS 5.5
CVE-2023-22490 [MEDIUM] git vulnerabilities
git vulnerabilities
It was discovered that Git incorrectly handled certain repositories.
An attacker could use this issue to make Git uses its local
clone optimization even when using a non-local transport.
(CVE-2023-22490)
Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwrite a patch outside
the working tree. (CVE-2023-23946)
CISA ICS
Siemens SCALANCE XCM-/XRM-300
cisa_ics·2024-02-15
Siemens SCALANCE XCM-/XRM-300
ICS Advisory
##
Siemens SCALANCE XCM-/XRM-300
Release DateFebruary 15, 2024
Alert CodeICSA-24-046-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XCM-/XRM-300
- Vulnerabilities: Out-of-bounds Write, Incorrect Type Conversion or Cast, Improper Verification of Cryptographic Signature, Improper Access Control, Improper Authentication, Missing Encryption
Microsoft
GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
vendor_msrc·2023-03-14·CVSS 5.5
CVE-2023-22490 [MEDIUM] GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
GitHub: CVE-2023-22490 mingit Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
This vulnerability could disclose sensitive information on the victim's file system as well as achieve data exfiltration.
FAQ: Why is this GitHub CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in MinGit software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.
Visual Studio: Visual Studio
GitHub: GitHub
Customer Action Required: Yes
Impact: Information Disclosure
Exploit Status: Publicly
Ubuntu
Git regression
vendor_ubuntu·2023-03-02·CVSS 5.5
CVE-2023-22490 [MEDIUM] Git regression
Title: Git regression
Summary: USN-5871-1 caused a regression.
USN-5871-1 fixed vulnerabilities in Git. A backport fixing
part of the vulnerability in CVE-2023-22490 was required.
This update fix this for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Git incorrectly handled certain repositories.
An attacker could use this issue to make Git uses its local
clone optimization even when using a non-local transport.
(CVE-2023-22490)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Git vulnerabilities
vendor_ubuntu·2023-02-14·CVSS 5.5
CVE-2023-23946 [MEDIUM] Git vulnerabilities
Title: Git vulnerabilities
Summary: Several security issues were fixed in Git.
It was discovered that Git incorrectly handled certain repositories.
An attacker could use this issue to make Git uses its local
clone optimization even when using a non-local transport.
(CVE-2023-22490)
Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwrite a patch outside
the working tree. (CVE-2023-23946)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
git: data exfiltration with maliciously crafted repository
vendor_redhat·2023-02-14·CVSS 5.5
CVE-2023-22490 [MEDIUM] CWE-402 git: data exfiltration with maliciously crafted repository
git: data exfiltration with maliciously crafted repository
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.
A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.3
Debian
CVE-2023-22490: git - Git is a revision control system. Using a specially-crafted repository, Git prio...
vendor_debian·2023·CVSS 5.5
CVE-2023-22490 [MEDIUM] CVE-2023-22490: git - Git is a revision control system. Using a specially-crafted repository, Git prio...
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253. A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is im
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfdhttps://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3qhttps://security.gentoo.org/glsa/202312-15https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfdhttps://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3qhttps://security.gentoo.org/glsa/202312-15
2023-02-14
Published