Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-39260

Published: 19/10/2022 Updated: 27/12/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Git-scm

Vulnerability Summary

Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions before 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

git-scm git 2.38.0

git-scm git

fedoraproject fedora 35

fedoraproject fedora 36

fedoraproject fedora 37

apple xcode

debian debian linux 10.0

Vendor Advisories

Debian CVElist Bug Report Logs: git: CVE-2022-39253 CVE-2022-39260
Debian Bug report logs - #1022046 git: CVE-2022-39253 CVE-2022-39260 Package: src:git; Maintainer for src:git is Jonathan Nieder <jrnieder@gmailcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 19 Oct 2022 12:48:02 UTC Severity: grave Tags: security, upstream Found in versions git/1:2372-1, g ...
Red Hat: Moderate: git security and bug fix update
Synopsis Moderate: git security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having ...
Red Hat: Moderate: git security and bug fix update
Synopsis Moderate: git security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having ...
Ubuntu Security Notice: USN-5686-3: Git vulnerabilities
Several security issues were fixed in Git ...
Ubuntu Security Notice: USN-5686-2: Git vulnerability
Git could be made to crash or run programs as your login if it received specially crafted input ...
Ubuntu Security Notice: USN-5686-1: Git vulnerabilities
Several security issues were fixed in Git ...
Amazon Linux 2: ALAS2-2022-1886
Git is an open source, scalable, distributed revision control system Versions prior to 2306, 2315, 2324, 2335, 2345, 2355, 2363, and 2374 are subject to exposure of sensitive information to a malicious actor When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of ...
Amazon Linux AMI: ALAS-2022-1653
Git is an open source, scalable, distributed revision control system Versions prior to 2306, 2315, 2324, 2335, 2345, 2355, 2363, and 2374 are subject to exposure of sensitive information to a malicious actor When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: Git is an open source, scalable, distributed revision control system `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH In versions prior to 2306, 2315, 2324, 2335, 2345, 2355, 2363, and 2374, the function that spl ...
Amazon Linux 2022: ALAS-2022-254
ALAS-2022-254 Amazon Linux 2022 Security Advisory: ALAS-2022-254 Advisory Release Date: 2022-12-06 16:45 Pacific ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/0600b443ff4393d097c485fbc8d3ed3b
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-787CWE-122https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6https://support.apple.com/kb/HT213496http://seclists.org/fulldisclosure/2022/Nov/1https://lists.debian.org/debian-lts-announce/2022/12/msg00025.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/https://security.gentoo.org/glsa/202312-15https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5686-3https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook