Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-7130-1

Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.

Packet Storm
Open in Source
#vulnerability#ubuntu#git#rce

==========================================================================

Ubuntu Security Notice USN-7130-1
November 26, 2024

gh vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 24.10
  • Ubuntu 24.04 LTS

Summary:

GitHub CLI could be made to run programs as your login if it
connected to a malicious server.

Software Description:

  • gh: GitHub CLI, GitHub’s official command line tool

Details:

It was discovered that GitHub CLI incorrectly handled username
validation. An attacker could possibly use this issue to perform
remote code execution if the user connected to a malicious server.
(CVE-2024-52308)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
gh 2.46.0-1ubuntu0.2

Ubuntu 24.04 LTS
gh 2.45.0-1ubuntu0.2+esm1
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7130-1
https://ubuntu.com/security/notices/USN-7130-1
CVE-2024-52308

Package Information:
https://launchpad.net/ubuntu/+source/gh/2.46.0-1ubuntu0.2
https://launchpad.net/ubuntu/+source/gh/2.46.0-1ubuntu0.2

Related news

GHSA-p2h2-3vg9-4p87: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

### Summary A security vulnerability has been identified in GitHub CLI that could allow remote code execution (RCE) when users connect to a malicious Codespace SSH server and use the `gh codespace ssh` or `gh codespace logs` commands. ### Details The vulnerability stems from the way GitHub CLI handles SSH connection details when executing commands. When developers connect to remote Codespaces, they typically use a SSH server running within a devcontainer, often provided through the [default devcontainer image](https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers#using-the-default-dev-container-configuration). GitHub CLI [retrieves SSH connection details](https://github.com/cli/cli/blob/30066b0042d0c5928d959e288144300cb28196c9/internal/codespaces/rpc/invoker.go#L230-L244), such as remote username, which is used in [executing `ssh` commands](https://github.com/cli/cli/blob/e356c69a6f0125cfaac7...

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution
Packet Storm