5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
41.7%
Git is an open source, scalable, distributed revision control system.
Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3,
and 2.37.4 are subject to exposure of sensitive information to a malicious
actor. When performing a local clone (where the source and target of the
clone are on the same volume), Git copies the contents of the source’s
$GIT_DIR/objects
directory into the destination by either creating
hardlinks to the source contents, or copying them (if hardlinks are
disabled via --no-hardlinks
). A malicious actor could convince a victim
to clone a repository with a symbolic link pointing at sensitive
information on the victim’s machine. This can be done either by having the
victim clone a malicious repository on the same machine, or having them
clone a malicious repository embedded as a bare repository via a submodule
from any source, provided they clone with the --recurse-submodules
option. Git does not create symbolic links in the $GIT_DIR/objects
directory. The problem has been patched in the versions published on
2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning
untrusted repositories using the --local
optimization when on a shared
machine, either by passing the --no-local
option to git clone
or
cloning from a URL that uses the file://
scheme. Alternatively, avoid
cloning repositories from untrusted sources with --recurse-submodules
or
run git config --global protocol.file.allow user
.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | git | < 1:2.17.1-1ubuntu0.13 | UNKNOWN |
ubuntu | 20.04 | noarch | git | < 1:2.25.1-1ubuntu3.6 | UNKNOWN |
ubuntu | 22.04 | noarch | git | < 1:2.34.1-1ubuntu1.5 | UNKNOWN |
ubuntu | 22.10 | noarch | git | < 1:2.37.2-1ubuntu1.1 | UNKNOWN |
ubuntu | 23.04 | noarch | git | < 1:2.38.1-1ubuntu1 | UNKNOWN |
ubuntu | 16.04 | noarch | git | < 1:2.7.4-0ubuntu1.10+esm6 | UNKNOWN |