CVE-2023-25652

2023-04-2500:00:00

ubuntu.com

git vulnerability

file overwrite

patch application

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.002 Low

EPSS

Percentile

60.2%

JSON

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by
feeding specially crafted input to git apply --reject, a path outside the
working tree can be overwritten with partially controlled contents
(corresponding to the rejected hunk(s) from the given patch). A fix is
available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8,
2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using
git apply with --reject when applying patches from an untrusted source.
Use git apply --stat to inspect a patch before applying; avoid applying
one that create a conflict where a link corresponding to the *.rej file
exists.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchgit< 1:2.17.1-1ubuntu0.18UNKNOWN
ubuntu20.04noarchgit< 1:2.25.1-1ubuntu3.11UNKNOWN
ubuntu22.04noarchgit< 1:2.34.1-1ubuntu1.9UNKNOWN
ubuntu22.10noarchgit< 1:2.37.2-1ubuntu1.5UNKNOWN
ubuntu23.04noarchgit< 1:2.39.2-1ubuntu1.1UNKNOWN
ubuntu16.04noarchgit< 1:2.7.4-0ubuntu1.10+esm7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	git	< 1:2.17.1-1ubuntu0.18	UNKNOWN
ubuntu	20.04	noarch	git	< 1:2.25.1-1ubuntu3.11	UNKNOWN
ubuntu	22.04	noarch	git	< 1:2.34.1-1ubuntu1.9	UNKNOWN
ubuntu	22.10	noarch	git	< 1:2.37.2-1ubuntu1.5	UNKNOWN
ubuntu	23.04	noarch	git	< 1:2.39.2-1ubuntu1.1	UNKNOWN
ubuntu	16.04	noarch	git	< 1:2.7.4-0ubuntu1.10+esm7	UNKNOWN