Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.2
CVSSv3

CVE-2023-25815

Published: 25/04/2023 Updated: 27/12/2023
CVSS v3 Base Score: 2.2 | Impact Score: 1.4 | Exploitability Score: 0.8
VMScore: 0
Subscribe to Git For Windows Project

Vulnerability Summary

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

git for windows project git for windows

fedoraproject fedora 37

fedoraproject fedora 38

Vendor Advisories

Debian CVElist Bug Report Logs: git: CVE-2023-25652 CVE-2023-25815 CVE-2023-29007
Debian Bug report logs - #1034835 git: CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 Package: src:git; Maintainer for src:git is Jonathan Nieder <jrnieder@gmailcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 25 Apr 2023 18:39:02 UTC Severity: grave Tags: security, upstream Found in version git ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security has rated this u ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security ...
Red Hat: Moderate: OpenShift Container Platform 4.13.1 bug fix and security update
Synopsis Moderate: OpenShift Container Platform 4131 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4131 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Con ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 82 Advanced Update SupportRed Hat Product Security has rated this u ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Security has rated this u ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a security ...
Red Hat: Important: git security update
Synopsis Important: git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for git is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Product Security has ra ...
Red Hat: Critical: Red Hat Advanced Cluster Management 2.7.4 security fixes and container updates
Synopsis Critical: Red Hat Advanced Cluster Management 274 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 274 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...
Red Hat: Important: rh-git227-git security update
Synopsis Important: rh-git227-git security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for rh-git227-git is now available for Red Hat Software CollectionsRed Hat Product Security has rated this updat ...
Red Hat: Moderate: OpenShift Container Platform 4.10.61 bug fix and security update
概述 Moderate: OpenShift Container Platform 41061 bug fix and security update 类型/严重性 Security Advisory: Moderate 标题 Red Hat OpenShift Container Platform release 41061 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Red Hat: Important: OpenShift Container Platform 4.12.20 bug fix and security update
概述 Important: OpenShift Container Platform 41220 bug fix and security update 类型/严重性 Security Advisory: Important 标题 Red Hat OpenShift Container Platform release 41220 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShi ...
Red Hat: Moderate: OpenShift Container Platform 4.12.19 bug fix and security update
Synopsis Moderate: OpenShift Container Platform 41219 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 41219 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Red Hat: Moderate: Logging Subsystem 5.7.2 - Red Hat OpenShift security update
Synopsis Moderate: Logging Subsystem 572 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 572 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update
Synopsis Important: Migration Toolkit for Containers (MTC) 1710 security and bug fix update Type/Severity Security Advisory: Important Topic The Migration Toolkit for Containers (MTC) 1710 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...
Red Hat: Critical: Red Hat Advanced Cluster Management 2.6.6 security fixes and container updates
Synopsis Critical: Red Hat Advanced Cluster Management 266 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 266 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...
Red Hat: Critical: Red Hat Advanced Cluster Management 2.5.9 security fixes and container updates
Synopsis Critical: Red Hat Advanced Cluster Management 259 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 259 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...
Red Hat: Moderate: OpenShift Jenkins image and Jenkins agent base image security update
Synopsis Moderate: OpenShift Jenkins image and Jenkins agent base image security update Type/Severity Security Advisory: Moderate Topic Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base imageRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring Sys ...
Red Hat: Important: OpenShift Container Platform 4.13.2 bug fix and security update
Synopsis Important: OpenShift Container Platform 4132 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4132 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization However, due to a change in MINGW-packages, the `gettext()` function's implicit initi ...

References

CWE-22CWE-134https://github.com/git-for-windows/git/releases/tag/v2.40.1.windows.1https://axcheron.github.io/exploit-101-format-strings/#writing-to-the-stackhttps://github.com/msys2/MINGW-packages/pull/10461https://pubs.opengroup.org/onlinepubs/9699919799/functions/printf.htmlhttps://github.com/git-for-windows/git/security/advisories/GHSA-9w66-8mq8-5vm8http://www.openwall.com/lists/oss-security/2023/04/25/2https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/https://security.gentoo.org/glsa/202312-15https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-25815
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook