CVE-2022-31012: Release Git for Windows 2.37.1 · git-for-windows/git

Git for Windows is a fork of Git that contains Windows-specific patches. In versions prior to 2.37.1, this vulnerability causes the Git for Windows installer to mistakenly execute a binary placed at C:\mingw64\bin\git.exe. It only affects a fresh install, not an upgrade of an existing Git for Windows installation. A patch is included in version 2.37.1. Two workarounds are available: create the C:\mingw64 folder and remove read/write access to it, or prevent arbitrary authenticated users from creating folders in C:\.
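Both workarounds can be applied or at least checked from an elevated PowerShell session before a fresh install runs. The script below is an added example and is not code from the Git for Windows project: it reports whether a git.exe already sits at the path the installer trusts, pre-creates C:\mingw64 with an explicit ACL that only SYSTEM and Administrators can use, and lists the C:\ root entries that let Authenticated Users create subfolders so an administrator can decide whether to remove them. The path names come from the advisory; the principal list and the decision to only report the root ACEs are assumptions.

```powershell
# Added example (not Git for Windows project code). Run elevated, on a host
# that has NOT yet had a Git for Windows version below 2.37.1 installed.
$target  = 'C:\mingw64'                       # folder the installer trusts (from the advisory)
$planted = Join-Path $target 'bin\git.exe'    # binary the installer would run by mistake

# Detection: does the dangerous pre-condition already exist?
if (Test-Path -Path $planted) {
    $owner = (Get-Acl -Path $planted).Owner
    Write-Warning "Found $planted (owner: $owner). Investigate before installing Git for Windows."
}

# Workaround 1: pre-create the folder and give it an explicit ACL that only
# SYSTEM and Administrators can use, so an unprivileged user cannot plant git.exe.
if (-not (Test-Path -Path $target)) {
    New-Item -ItemType Directory -Path $target | Out-Null
}
$acl = Get-Acl -Path $target
$acl.SetAccessRuleProtection($true, $false)       # stop inheriting from C:\ and drop inherited ACEs
foreach ($ace in @($acl.Access)) {                 # @() snapshots the collection before removal
    [void]$acl.RemoveAccessRule($ace)
}
foreach ($principal in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
    $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $principal, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $target -AclObject $acl

# Workaround 2 (alternative): list the C:\ root ACEs that let Authenticated Users
# create subfolders (displayed as AppendData on directories). On a default install
# this is what makes C:\mingw64 creatable by any logged-on user. Review the output
# before removing anything with icacls, because other software may rely on it.
(Get-Acl -Path 'C:\').Access |
    Where-Object { $_.IdentityReference -like '*Authenticated Users*' -and
                   $_.FileSystemRights -match 'AppendData|CreateDirectories' } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType, InheritanceFlags -AutoSize
```

The script deliberately only reports the drive-root ACEs rather than deleting them: the first workaround is local to one folder and easy to reverse, whereas changing the C:\ root ACL affects every application that expects to create its own folder there.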


Changes since Git for Windows v2.37.0 (June 27th 2022)

This release addresses CVE-2022-31012 and CVE-2022-29187.

New Features

  • Comes with Git v2.37.1.
  • Comes with OpenSSL v1.1.1q.
  • Comes with Git Credential Manager Core v2.0.785.
  • Comes with tig v2.5.5.

Bug Fixes

  • Pasting large amounts of text in Git for Windows’ Bash when running inside Windows Terminal often resulted in garbled text, which has been fixed.
  • The Perl module perl-Clone, which was linked against a non-existent DLL, was rebuilt to fix the issue.
  • The Git for Windows installer can no longer be tricked into running an untrusted git.exe in elevated mode (CVE-2022-31012).
  • When running Git in a world-writable directory owned by the current user (think C:\Windows\Temp, when running under the SYSTEM account), the checks for dubious ownership of the .git directory now detect this situation properly (CVE-2022-29187).

Filename                              SHA-256

Git-2.37.1-64-bit.exe                 1966761ad2c9e4cbd38f9e583b1125949b011a5a250a99d65e9bb21958e6ef8b
Git-2.37.1-32-bit.exe                 714069fe4291c4ca7a51f7e7e81b0c94038590294f3b9e0981456a664c92966b
PortableGit-2.37.1-64-bit.7z.exe      b0bc403bb03326b835e239b3bf7c0af277f43eba5421132dc8531204c78b6b25
PortableGit-2.37.1-32-bit.7z.exe      1a32f1de26d52ef866f27db395d8ab6bd9dc4c53bfc0161937b20f8749b4d96b
MinGit-2.37.1-64-bit.zip              edacf2d5c39555c25a396e0b9d27182ab5587259dc2e824b4490996b373f9300
MinGit-2.37.1-32-bit.zip              b336137fb286552c5c2616af50c54e9aca7d16a24ec1b00189a6c221a81af14c
MinGit-2.37.1-busybox-64-bit.zip      1fb7db2cb181ef962e06b1b99c4b254b3ace6f6dce73740bd498d3948189ca42
MinGit-2.37.1-busybox-32-bit.zip      7470ec55d4ac0ddc3738614dbfe6642770a001b0bae9d3c944e22e25019bf16d
Git-2.37.1-64-bit.tar.bz2             b1c87e136947102ce32f75ef880ebee79b547f8ef33bb1b5010c3455ac83a655
Git-2.37.1-32-bit.tar.bz2             b0fef8f618e5e5cdad200571211fb6b42be595ef55bf8b648b8211c8bd5e02ea
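Because this release fixes an installer that can be tricked into running an untrusted binary, checking that the downloaded installer itself is the published one matters more than usual. The following PowerShell is an added example, not part of the release notes: it embeds the SHA-256 values from the table above and compares them against whatever 2.37.1 artifacts are found in a download folder. The download location and the function name are assumptions.

```powershell
# Added example (not from the Git for Windows release). The hashes are the
# SHA-256 values published in the release table above; $downloadDir is assumed.
$downloadDir = Join-Path $env:USERPROFILE 'Downloads'

$published = @{
    'Git-2.37.1-64-bit.exe'            = '1966761ad2c9e4cbd38f9e583b1125949b011a5a250a99d65e9bb21958e6ef8b'
    'Git-2.37.1-32-bit.exe'            = '714069fe4291c4ca7a51f7e7e81b0c94038590294f3b9e0981456a664c92966b'
    'PortableGit-2.37.1-64-bit.7z.exe' = 'b0bc403bb03326b835e239b3bf7c0af277f43eba5421132dc8531204c78b6b25'
    'PortableGit-2.37.1-32-bit.7z.exe' = '1a32f1de26d52ef866f27db395d8ab6bd9dc4c53bfc0161937b20f8749b4d96b'
    'MinGit-2.37.1-64-bit.zip'         = 'edacf2d5c39555c25a396e0b9d27182ab5587259dc2e824b4490996b373f9300'
    'MinGit-2.37.1-32-bit.zip'         = 'b336137fb286552c5c2616af50c54e9aca7d16a24ec1b00189a6c221a81af14c'
    'MinGit-2.37.1-busybox-64-bit.zip' = '1fb7db2cb181ef962e06b1b99c4b254b3ace6f6dce73740bd498d3948189ca42'
    'MinGit-2.37.1-busybox-32-bit.zip' = '7470ec55d4ac0ddc3738614dbfe6642770a001b0bae9d3c944e22e25019bf16d'
    'Git-2.37.1-64-bit.tar.bz2'        = 'b1c87e136947102ce32f75ef880ebee79b547f8ef33bb1b5010c3455ac83a655'
    'Git-2.37.1-32-bit.tar.bz2'        = 'b0fef8f618e5e5cdad200571211fb6b42be595ef55bf8b648b8211c8bd5e02ea'
}

# Hypothetical helper name. Returns one record per file so the result can be
# piped, filtered, or logged rather than just printed.
function Test-GitForWindowsArtifact {
    param([Parameter(Mandatory)][string]$Path)

    $name = Split-Path -Path $Path -Leaf
    if (-not $published.ContainsKey($name)) {
        return [pscustomobject]@{ File = $name; Status = 'UNKNOWN (not in release table)'; Expected = $null; Actual = $null }
    }

    # Get-FileHash returns the hex digest in upper case; normalise before comparing.
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash.ToLowerInvariant()
    $status = if ($actual -eq $published[$name]) { 'OK' } else { 'MISMATCH: do not run' }

    [pscustomobject]@{
        File     = $name
        Status   = $status
        Expected = $published[$name]
        Actual   = $actual
    }
}

Get-ChildItem -Path $downloadDir -Filter '*2.37.1*' -File |
    ForEach-Object { Test-GitForWindowsArtifact -Path $_.FullName } |
    Format-Table File, Status -AutoSize
```

A file that is not in the table is reported as UNKNOWN rather than silently skipped, so a renamed or look-alike download still shows up in the output.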

Related news

Gentoo Linux Security Advisory 202401-17

Gentoo Linux Security Advisory 202401-17 - A vulnerability has been found in libgit2 which could result in privilege escalation. Versions greater than or equal to 1.4.4 are affected.

Gentoo Linux Security Advisory 202312-15

Gentoo Linux Security Advisory 202312-15 - Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution. Versions greater than or equal to 2.39.3 are affected.

CVE-2023-43074: DSA-2023-141: Dell Unity, Unity VSA and Unity XT Security Update for Multiple Vulnerabilities

Dell Unity 5.3 contains an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

RHSA-2023:2859: Red Hat Security Advisory: git security and bug fix update

An update for git is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24765: A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be executed by other users who access the repository. * CVE-2022-29187: A vu...

RHSA-2023:2319: Red Hat Security Advisory: git security and bug fix update

An update for git is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24765: A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be executed by other users who access the repository. * CVE-2022-29187: A vu...

CVE-2022-42797: About the security content of Xcode 14.1

An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.

Debian Security Advisory 5332-1

Debian Linux Security Advisory 5332-1 - Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users to execute arbitrary commands, leak information from the local filesystem, and bypass a restricted shell.

Ubuntu Security Notice USN-5511-1

Ubuntu Security Notice 5511-1 - Carlo Marcelo Arenas Belon discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator.

CVE-2022-29187: Git security vulnerability announced | The GitHub Blog

Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 is vulnerable to privilege escalation on all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or as an Administrator on Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened against the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.
