Git is vulnerable to privilege escalation attacks. A remote authenticated user could supply a specially crafted repository name to break out of the restricted git-shell and gain elevated privileges on the target system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| | rh-git29-git | eq | 2.9.3__2.el6 |
| | git:3.3 | eq | 2.6.6-r0 |
| | git:stretch | eq | 1:2.11.0-3+deb9u7 |

lists.opensuse.org/opensuse-updates/2017-05/msg00090.html
public-inbox.org/git/[email protected]/
www.debian.org/security/2017/dsa-3848
www.securityfocus.com/bid/98409
www.securitytracker.com/id/1038479
www.ubuntu.com/usn/USN-3287-1
access.redhat.com/errata/RHSA-2017:2004
access.redhat.com/errata/RHSA-2017:2491
access.redhat.com/security/updates/classification/#important
insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
kernel.googlesource.com/pub/scm/git/git/+/3ec804490a265f4c418a321428c12f3f18b7eff5
lists.fedoraproject.org/archives/list/[email protected]/message/3ISHYFLM2ACYHHY3JHCLF75X7UF4ZMDM/
lists.fedoraproject.org/archives/list/[email protected]/message/DPYRN7APMHY4ZFDPAKD22J5R4QJFY2JP/
lists.fedoraproject.org/archives/list/[email protected]/message/FDS3LSJJ3YGGQYIVPKQDVOCXWDSF6JGF/
security.gentoo.org/glsa/201706-04