Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-19604

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary files, but would not have complete control on the content of the file. (CVE-2019-1348) An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice and potentially cause remote code execution. (CVE-2019-1349) A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1350) A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. (CVE-2019-1351) A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1352) An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. (CVE-2019-1353) A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387. (CVE-2019-1354) A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata. A remote attacker could abuse this flaw to trick a victim user into cloning a malicious repository containing submodules, which, when recursively cloned, would trigger the flaw and remotely execute code on the victim's machine. (CVE-2019-1387) A security bypass was discovered in git, which allows arbitrary commands to be executed during the update of git submodules. A remote attacker may trick a victim user into cloning a malicious repository that initially looks fine, allowing access to bypass the security mechanisms that prevent the execution of arbitrary commands during the submodule initialization. After following an update of the repository and the submodules done by the victim user, vulnerable versions of git may use the update setting in the .gitmodules file and execute arbitrary commands. (CVE-2019-19604)

Source

ALAS2-2023-1943

Amazon Linux 2 Security Advisory: ALAS-2023-1943
Advisory Release Date: 2023-02-17 00:11 Pacific
Advisory Updated Date: 2023-02-22 01:54 Pacific

Severity: Important

References: CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-19604
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary files, but would not have complete control on the content of the file. (CVE-2019-1348)

An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice and potentially cause remote code execution. (CVE-2019-1349)

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1350)

A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. (CVE-2019-1351)

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1352)

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. (CVE-2019-1353)

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387. (CVE-2019-1354)

A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata. A remote attacker could abuse this flaw to trick a victim user into cloning a malicious repository containing submodules, which, when recursively cloned, would trigger the flaw and remotely execute code on the victim's machine. (CVE-2019-1387)

A security bypass was discovered in git, which allows arbitrary commands to be executed during the update of git submodules. A remote attacker may trick a victim user into cloning a malicious repository that initially looks fine, allowing access to bypass the security mechanisms that prevent the execution of arbitrary commands during the submodule initialization. After following an update of the repository and the submodules done by the victim user, vulnerable versions of git may use the update setting in the .gitmodules file and execute arbitrary commands. (CVE-2019-19604)

Affected Packages:

git

Issue Correction:
pkg_manager = 'yum'Run update git to update your system.

New Packages:

aarch64:
    git-2.23.1-0.amzn2.0.2.aarch64
    git-core-2.23.1-0.amzn2.0.2.aarch64
    git-daemon-2.23.1-0.amzn2.0.2.aarch64
    git-subtree-2.23.1-0.amzn2.0.2.aarch64
    git-debuginfo-2.23.1-0.amzn2.0.2.aarch64

i686:
    git-2.23.1-0.amzn2.0.2.i686
    git-core-2.23.1-0.amzn2.0.2.i686
    git-daemon-2.23.1-0.amzn2.0.2.i686
    git-subtree-2.23.1-0.amzn2.0.2.i686
    git-debuginfo-2.23.1-0.amzn2.0.2.i686

noarch:
    git-all-2.23.1-0.amzn2.0.2.noarch
    git-core-doc-2.23.1-0.amzn2.0.2.noarch
    git-cvs-2.23.1-0.amzn2.0.2.noarch
    git-email-2.23.1-0.amzn2.0.2.noarch
    gitk-2.23.1-0.amzn2.0.2.noarch
    gitweb-2.23.1-0.amzn2.0.2.noarch
    git-gui-2.23.1-0.amzn2.0.2.noarch
    git-instaweb-2.23.1-0.amzn2.0.2.noarch
    git-p4-2.23.1-0.amzn2.0.2.noarch
    perl-Git-2.23.1-0.amzn2.0.2.noarch
    perl-Git-SVN-2.23.1-0.amzn2.0.2.noarch
    git-svn-2.23.1-0.amzn2.0.2.noarch

src:
    git-2.23.1-0.amzn2.0.2.src

x86_64:
    git-2.23.1-0.amzn2.0.2.x86_64
    git-core-2.23.1-0.amzn2.0.2.x86_64
    git-daemon-2.23.1-0.amzn2.0.2.x86_64
    git-subtree-2.23.1-0.amzn2.0.2.x86_64
    git-debuginfo-2.23.1-0.amzn2.0.2.x86_64

Additional References

Red Hat: CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, CVE-2019-19604

Mitre: CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, CVE-2019-19604

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2023-1943

ALAS2-2023-1943

Additional References

Vulmon Search

About

Products

Connect