#VU72246 Link following in Git - CVE-2023-22490


Vulnerability identifier: #VU72246

Vulnerability risk: Low

CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22490

CWE-ID: CWE-59

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Git
Client/Desktop applications / Software for system administration

Vendor: Git

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insecure processing of symbolic links when using local clone optimization. Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, however the `objects` directory itself may still be a symbolic link. A remote attacker can trick the victim into using the local clone optimization to exfiltrate arbitrary files from the victim's system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Git: 2.30.0 - 2.39.1

External links
https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd
https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for git
Gentoo update for Git
Multiple vulnerabilities in Red Hat OpenShift Container Platform release 4.13
Fedora 37 update for git
Fedora 36 update for git
Multiple vulnerabilities in Dell ECS
Multiple vulnerabilities in OpenShift Developer Tools and Services 4.12
Multiple vulnerabilities in OpenShift Developer Tools and Services 4.11
Migration Toolkit for Containers (MTC) 1.7 update for golang
Multiple vulnerabilities in Red Hat OpenShift Logging 5.7