CVE-2022-24765

7.8

HIGH

Git for Windows Traversal Vulnerability

Description

Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.

INFO

Published Date :

April 12, 2022, 6:15 p.m.

Last Modified :

Dec. 27, 2023, 10:15 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

1.8 Public PoC/Exploit Available at Github

CVE-2022-24765 has a 7 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2022-24765 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Fedoraproject	fedora
1	Debian	debian_linux
1	Apple	xcode
1	Git-scm	git
1	Git_for_windows_project	git_for_windows

: Total Affected Vendor : 5 | Products : 5

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-24765.

URL	Resource
http://seclists.org/fulldisclosure/2022/May/31	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/04/12/7	Mailing List Third Party Advisory
https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash	Vendor Advisory
https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode	Vendor Advisory
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2	Mitigation Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/
https://security.gentoo.org/glsa/202312-15
https://support.apple.com/kb/HT213261	Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

makiuchi-d/act-fail-example

None

Updated: 1 year, 2 months ago

0 stars 0 fork 0 watcher

Born at : Aug. 29, 2023, 6:12 a.m. This repo has been linked 1 different CVEs too.

9069332997/session-1-full-stack

zomotoa food app

Updated: 1 year, 5 months ago

0 stars 0 fork 0 watcher

Born at : June 9, 2023, 7:24 a.m. This repo has been linked 39 different CVEs too.

bowling233/dotfiles

Repository to sync my dotfiles

Shell Vim Script

Updated: 1 week, 2 days ago

1 stars 0 fork 0 watcher

Born at : Jan. 7, 2023, 3:51 p.m. This repo has been linked 1 different CVEs too.

bisdn/bisdn-linux

None

Shell

Updated: 2 months, 3 weeks ago

9 stars 2 fork 2 watcher

Born at : Aug. 11, 2021, 1:31 p.m. This repo has been linked 1 different CVEs too.

hdclark/Ygor

Ygor was written to factor common code amongst a handful of disparate projects.

mathematics utility-library

CMake Shell C++ C Nix

Updated: 3 months ago

3 stars 0 fork 0 watcher

Born at : April 27, 2017, 10:14 p.m. This repo has been linked 1 different CVEs too.

JDimproved/JDim

2ch browser for linux

2ch browser linux

Shell C++ C Meson

Updated: 2 months, 2 weeks ago

46 stars 11 fork 11 watcher

Born at : Dec. 27, 2015, 3:37 a.m. This repo has been linked 1 different CVEs too.

davetang/getting_started_with_git

Learning Git

git github gitlab

Shell

Updated: 2 months, 3 weeks ago

2 stars 1 fork 1 watcher

Born at : Sept. 4, 2013, 2:48 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-24765 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-24765 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Action	Type	Old Value	New Value
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/ [No types assigned]
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/

Action	Type	Old Value	New Value
Changed	Reference Type	http://seclists.org/fulldisclosure/2022/May/31 Third Party Advisory	http://seclists.org/fulldisclosure/2022/May/31 Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html No Types Assigned	https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/ Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/ Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/ Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/ Mailing List, Third Party Advisory
Changed	CPE Configuration	OR cpe:2.3:o:fedoraproject:fedora:34::::::: cpe:2.3:o:fedoraproject:fedora:35::::::: cpe:2.3:o:fedoraproject:fedora:36:::::::	OR cpe:2.3:o:fedoraproject:fedora:34::::::: cpe:2.3:o:fedoraproject:fedora:35::::::: cpe:2.3:o:fedoraproject:fedora:36::::::: cpe:2.3:o:fedoraproject:fedora:37:::::::
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:10.0:::::::

Action	Type	Old Value	New Value
Added	CVSS V2		NIST (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	http://www.openwall.com/lists/oss-security/2022/04/12/7 No Types Assigned	http://www.openwall.com/lists/oss-security/2022/04/12/7 Mailing List, Third Party Advisory
Changed	Reference Type	https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2 No Types Assigned	https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2 Mitigation, Third Party Advisory
Changed	Reference Type	https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash No Types Assigned	https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash Vendor Advisory
Changed	Reference Type	https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode No Types Assigned	https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode Vendor Advisory
Added	CPE Configuration		AND OR cpe:2.3:a:git-scm:git::::::::* versions up to (excluding) 2.35.2 OR cpe:2.3:o:microsoft:windows:-:::::::*

CVE-2022-24765

Git for Windows Traversal Vulnerability

Description

INFO

April 12, 2022, 6:15 p.m.

Dec. 27, 2023, 10:15 a.m.

No

5.9

1.8

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CVE Modified by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.05 }} 0.00%

0.14096

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable