Описание
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the objects/ directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's objects/ directory. When cloning a repository over the filesystem (without explicitly specifying the file:// protocol or --no-local), the optimizations for local cloning
will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.
A vulnerability was found in Git. This flaw allows an unauthenticated attacker to place a repository on their target's local system that contains symlinks. During the cloning process, Git could be tricked into creating hardlinked arbitrary files into their repository's objects/ directory, impacting availability and integrity.
Отчет
While the Git vulnerability described involves the potential creation of hardlinks to arbitrary files during the cloning process, its severity is considered Low due to several mitigating factors. First, successful exploitation relies on the presence of specific conditions, including the use of local cloning over the filesystem and the ability to manipulate symbolic links within the source repository. Secondly, the impact is limited to the creation of hardlinks to user-readable files, which may not necessarily lead to immediate compromise or exploitation of sensitive data. Additionally, the likelihood of exploitation is reduced by the need for direct access to the filesystem where the cloning operation occurs.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | git | Fix deferred | ||
| Red Hat Enterprise Linux 6 | git | Out of support scope | ||
| Red Hat Enterprise Linux 7 | git | Out of support scope | ||
| Red Hat Fuse 7 | git | Fix deferred | ||
| Red Hat Software Collections | rh-git227-git | Fix deferred | ||
| Red Hat Enterprise Linux 8 | git | Fixed | RHSA-2024:4084 | 25.06.2024 |
| Red Hat Enterprise Linux 9 | git | Fixed | RHSA-2024:4083 | 25.06.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | git | Fixed | RHSA-2024:4368 | 08.07.2024 |
Показывать по
Дополнительная информация
EPSS
3.9 Low
CVSS3
Связанные уязвимости
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on th...
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the f
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2. ...
Уязвимость распределенной системы контроля версий Git, связанная с использованием предустановленных данных, связанных с безопасностью, позволяющая нарушителю создавать жесткие ссылки на произвольные файлы, доступные для чтения, в той же файловой системе
EPSS
3.9 Low
CVSS3