CVE-2023-25652
published 2023-04-25CVE-2023-25652: Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding…
PriorityP261high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
EPSS
52.16%
98.8th percentile
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | git | < git 1:2.39.5-0+deb12u1 (bookworm) | git 1:2.39.5-0+deb12u1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| git-scm | git | < 2.30.9 | 2.30.9 |
| git-scm | git | — | — |
| git-scm | git | >= 2.31.0 < 2.31.8 | 2.31.8 |
| git-scm | git | >= 2.32.0 < 2.32.7 | 2.32.7 |
| git-scm | git | >= 2.33.0 < 2.33.8 | 2.33.8 |
| git-scm | git | >= 2.34.0 < 2.34.8 | 2.34.8 |
| git-scm | git | >= 2.35.0 < 2.35.8 | 2.35.8 |
| git-scm | git | >= 2.36.0 < 2.36.6 | 2.36.6 |
| git-scm | git | >= 2.37.0 < 2.37.7 | 2.37.7 |
| git-scm | git | >= 2.38.0 < 2.38.5 | 2.38.5 |
| git-scm | git | >= 2.39.0 < 2.39.3 | 2.39.3 |
| git | git | < 2.30.9 | 2.30.9 |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
| git | git | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor invocations of `git apply --reject` with patches sourced from untrusted or external inputs; path traversal outside the working tree via symlinked *.rej files is the exploitation primitive. ↗
- →Detect the presence of symlinks whose name matches *.rej in the working tree before or after a `git apply` operation, as exploitation requires a link corresponding to the *.rej file to exist. ↗
- →Use `git apply --stat` to inspect patches before applying them; flag any automated pipeline that skips this inspection step and directly invokes `git apply --reject`. ↗
- ·Vulnerable Git versions are prior to 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1; ensure all Git installations are patched to one of these fixed versions. ↗
- ·MinGit bundled with Microsoft Visual Studio is also affected; Visual Studio installations consuming MinGit must be updated via the Visual Studio update channel. ↗
- ·The attack scope is local per Debian's tracker; exploitation requires the ability to supply a crafted patch to a `git apply --reject` invocation on the target system. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
osv7.5HIGH
vendor_debian7.5HIGH
vendor_msrc7.5HIGH
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
ABB M2M Gateway
cisa_ics·2025-04-15
ABB M2M Gateway
ICS Advisory
##
ABB M2M Gateway
Release DateApril 15, 2025
Alert CodeICSA-25-105-08
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: ABB
- Equipment: M2M Gateway
- Vulnerabilities: Integer Overflow or Wraparound, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Unquoted Search Path or Element, Untrusted Search Path, Use After Free, Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Missing Release of Memory after Effective Lifetime, Allocation of Resources Without Limits or Throttling, Improper Privilege Management, Improper Limitati
Microsoft
GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write
vendor_msrc·2023-06-13·CVSS 7.5
CVE-2023-25652 [HIGH] GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write
GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write
FAQ: Why is this GitHub CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in MinGit software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.
Visual Studio: Visual Studio
GitHub: GitHub
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://docs.m
Ubuntu
Git vulnerabilities
vendor_ubuntu·2023-05-17·CVSS 7.5
CVE-2023-25652 [HIGH] Git vulnerabilities
Title: Git vulnerabilities
Summary: Several security issues were fixed in Git.
USN-6050-1 fixed several vulnerabilities in Git. This update provides
the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on
Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwrite paths.
(CVE-2023-25652)
André Baptista and Vítor Pinho discovered that Git incorrectly handled
certain configurations. An attacker could possibly use this issue
to achieve arbitrary configuration injection. (CVE-2023-29007)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Git vulnerabilities
vendor_ubuntu·2023-05-01·CVSS 7.5
CVE-2023-25815 [HIGH] Git vulnerabilities
Title: Git vulnerabilities
Summary: Several security issues were fixed in Git.
It was discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwriting some paths.
(CVE-2023-25652)
Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly
handled some gettext machinery. An attacker could possibly use this issue
to allows the malicious placement of crafted messages. (CVE-2023-25815)
André Baptista and Vítor Pinho discovered that Git incorrectly handled
certain configurations. An attacker could possibly use this issue
to arbitrary configuration injection. (CVE-2023-29007)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
vendor_redhat·2023-04-25·CVSS 7.5
CVE-2023-25652 [HIGH] git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid app
Debian
CVE-2023-25652: git - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33...
vendor_debian·2023·CVSS 7.5
CVE-2023-25652 [HIGH] CVE-2023-25652: git - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33...
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
Scope: local
bookworm: resolved (fixed in 1:2.39.5-0+deb12u1)
bu
OSV
git vulnerabilities
osv·2023-05-17·CVSS 7.5
CVE-2023-25652 [HIGH] git vulnerabilities
git vulnerabilities
USN-6050-1 fixed several vulnerabilities in Git. This update provides
the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on
Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwrite paths.
(CVE-2023-25652)
André Baptista and Vítor Pinho discovered that Git incorrectly handled
certain configurations. An attacker could possibly use this issue
to achieve arbitrary configuration injection. (CVE-2023-29007)
OSV
git vulnerabilities
osv·2023-05-01·CVSS 7.5
CVE-2023-25652 [HIGH] git vulnerabilities
git vulnerabilities
It was discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwriting some paths.
(CVE-2023-25652)
Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly
handled some gettext machinery. An attacker could possibly use this issue
to allows the malicious placement of crafted messages. (CVE-2023-25815)
André Baptista and Vítor Pinho discovered that Git incorrectly handled
certain configurations. An attacker could possibly use this issue
to arbitrary configuration injection. (CVE-2023-29007)
OSV
CVE-2023-25652: Git is a revision control system
osv·2023-04-25·CVSS 7.5
CVE-2023-25652 [HIGH] CVE-2023-25652: Git is a revision control system
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
No detection rules found.
No public exploits indexed.
http://www.openwall.com/lists/oss-security/2023/04/25/2https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93ehttps://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fxhttps://lists.debian.org/debian-lts-announce/2024/06/msg00018.htmlhttps://lists.fedoraproject.org/archives/list/[email protected]/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/https://lists.fedoraproject.org/archives/list/[email protected]/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/https://lists.fedoraproject.org/archives/list/[email protected]/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/https://lists.fedoraproject.org/archives/list/[email protected]/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/https://security.gentoo.org/glsa/202312-15http://www.openwall.com/lists/oss-security/2023/04/25/2https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93ehttps://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fxhttps://lists.debian.org/debian-lts-announce/2024/06/msg00018.htmlhttps://lists.debian.org/debian-lts-announce/2024/09/msg00009.htmlhttps://lists.fedoraproject.org/archives/list/[email protected]/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/https://lists.fedoraproject.org/archives/list/[email protected]/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/https://lists.fedoraproject.org/archives/list/[email protected]/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/https://lists.fedoraproject.org/archives/list/[email protected]/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/https://security.gentoo.org/glsa/202312-15
2023-04-25
Published