Platform
linux
Component
git
Fixed in
2.45.1
2.44.1
2.43.1
2.42.1
2.41.1
2.40.1
2.39.5
CVE-2024-32465 affects Git versions less than or equal to 2.43.0 and prior to 2.43.4. This vulnerability allows attackers to bypass repository protections during cloning operations, potentially leading to unauthorized access to sensitive data. While Git includes safeguards for cloning untrusted repositories, this flaw circumvents those protections. A fix is available in Git version 2.45.1.
The core of this vulnerability lies in the ability to bypass Git's protections designed to safeguard against malicious repositories. An attacker could craft a repository containing specially designed files that, when cloned, would circumvent these safeguards. This could allow them to read sensitive files, execute arbitrary code, or modify the repository's history without proper authorization. While CVE-2024-32004 addressed a similar issue, this vulnerability highlights scenarios where those fixes are insufficient, particularly when dealing with .zip files containing malicious repository data. The potential impact extends to any system utilizing Git for version control, especially in collaborative environments where users share repositories.
CVE-2024-32465 was disclosed on May 14, 2024. It builds upon CVE-2024-32004, indicating a potential pattern of vulnerabilities related to repository handling. The EPSS score is currently pending evaluation. Public proof-of-concept exploits are not yet widely available, but the nature of the vulnerability suggests that they are likely to emerge. Monitor CISA and NVD for updates and potential exploitation activity.
Development teams using local Git repositories, particularly those sharing repositories between users or integrating with build systems, are at increased risk. Organizations with legacy Git configurations or those relying on older versions of Git are also vulnerable.
• linux / server: journalctl -u git | grep -iE "error|warning"
• linux / server: ps aux | grep git
• generic web: Inspect Git server access logs for unusual cloning patterns or requests from unexpected sources.
• generic web: Check Git configuration files for any unauthorized modifications or suspicious entries.
disclosure
Exploit status
EPSS
0.15% (36th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade to Git version 2.45.1 or later. If an immediate upgrade is not feasible, consider implementing stricter access controls to limit who can clone repositories from other users. Employing git clone --no-local is a recommended practice for untrusted repositories, but this vulnerability demonstrates that it's not always sufficient. Consider using a Web Application Firewall (WAF) or proxy to inspect Git traffic and block suspicious requests. Monitor Git logs for unusual activity, such as unexpected file modifications or access attempts. There are no specific Sigma or YARA rules readily available for this vulnerability at the time of writing, but monitoring for unusual file creation or modification patterns within Git repositories is advised.
Update Git to version 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2 or 2.39.4, or later. Avoid using Git on repositories obtained through archive files from untrusted sources. If you cannot update immediately, be cautious when working with repositories obtained from untrusted sources.
CVE-2024-32465 is a HIGH severity vulnerability in Git affecting versions ≤2.43.0 and <2.43.4. It allows attackers to bypass repository protections during cloning, potentially exposing sensitive data.
You are affected if you are using Git versions less than or equal to 2.43.0 or prior to 2.43.4. Check your Git version using git --version.
Upgrade to Git version 2.45.1 or later. You can download the latest version from the official Git website.
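The version check from the two answers above, as an added shell example that is not part of this advisory page: it parses the output of `git --version` and compares the result against the first fixed release of its minor line. The fixed-version table is copied from this page's "Fixed in" list (the page also quotes a slightly different set of patch levels elsewhere), so confirm it against the upstream Git advisory before relying on it. The `--local` option name and the decision to treat minor lines older than 2.39, which have no fixed release listed, as unpatched are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the advisory page): report whether a Git build is at
# or above the first fixed release for CVE-2024-32465 on its minor line.

# Fixed-version table taken from the page's "Fixed in" list: "<major.minor> <patch>".
# Confirm against the upstream Git advisory before relying on it.
FIXED_TABLE="2.45 1
2.44 1
2.43 1
2.42 1
2.41 1
2.40 1
2.39 5"

# Extract "X.Y" or "X.Y.Z" from a `git --version` line, e.g.
# "git version 2.43.0" or "git version 2.43.0.windows.1" -> "2.43.0".
parse_git_version() {
    printf '%s\n' "$1" |
        sed -n 's/^git version \([0-9]\{1,\}\.[0-9]\{1,\}\(\.[0-9]\{1,\}\)\{0,1\}\).*/\1/p'
}

# Print "patched", "vulnerable" or "unknown"; exit status 0 only when patched.
git_patch_status() {
    ver=$(parse_git_version "$1")
    if [ -z "$ver" ]; then
        echo unknown
        return 1
    fi
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    # "2.45" with no patch component counts as 2.45.0
    [ "$patch" = "$rest" ] && patch=0

    # Minor lines newer than any on the page were released after the fix.
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -gt 45 ]; }; then
        echo patched
        return 0
    fi

    fixed=$(printf '%s\n' "$FIXED_TABLE" | awk -v key="$major.$minor" '$1 == key { print $2 }')
    # Assumption: lines older than 2.39 have no fixed release listed here,
    # so they are reported as unpatched.
    if [ -z "$fixed" ] || [ "$patch" -lt "$fixed" ]; then
        echo vulnerable
        return 1
    fi
    echo patched
    return 0
}

# Run against the local binary only when invoked with --local, so the file can
# also be sourced for its functions.
if [ "${1-}" = "--local" ]; then
    status=$(git_patch_status "$(git --version 2>/dev/null)") || true
    echo "local git: $status"
fi
```

Run it as `sh git_version_check.sh --local` on each host, or source it and feed `git_patch_status` the version strings collected from a fleet inventory. Because the table is keyed by minor line, a 2.43.0 build is reported as vulnerable even though it is "newer" than 2.39.5, which is the comparison a plain string or float check would get wrong.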
While public exploits are not widespread, the vulnerability's nature suggests a potential for exploitation, and it's recommended to apply the patch promptly.
Refer to the Git Security Advisory: https://git-scm.com/downloads/security