ASA-2019-00661 – Git: Arbitrary path overwriting via export-marks command option


Allele Security Alert

ASA-2019-00661

Identifier(s)

ASA-2019-00661, CVE-2019-1348

Title

Arbitrary path overwriting via export-marks command option

Vendor(s)

the Git project

Product(s)

Git

Affected version(s)

Git versions 2.24.x before 2.24.1
Git versions 2.23.x before 2.23.1
Git versions 2.22.x before 2.22.2
Git versions 2.21.x before 2.21.1
Git versions 2.20.x before 2.20.2
Git versions 2.19.x before 2.19.3
Git versions 2.18.x before 2.18.2
Git versions 2.17.x before 2.17.3
Git versions 2.16.x before 2.16.6
Git versions 2.15.x before 2.15.4
Git versions 2.14.x before 2.14.6

Fixed version(s)

Git version 2.24.1
Git version 2.23.1
Git version 2.22.2
Git version 2.21.1
Git version 2.20.2
Git version 2.19.3
Git version 2.18.2
Git version 2.17.3
Git version 2.16.6
Git version 2.15.4
Git version 2.14.6

Git versions with the following commit:

fast-import: disallow “feature export-marks” by default
https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0

Proof of concept

Unknown

Description

The --export-marks option of git fast-import is also exposed via the in-stream command feature export-marks=…, so a crafted fast-import stream can direct the marks file to an arbitrary path and overwrite it. The fix disallows the in-stream feature export-marks by default.
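As an added example (not part of this advisory or of the Git project's code), the following Python helpers show two checks a defender would want after reading the description above: whether a reported Git version falls inside the affected ranges listed on this page, and whether an untrusted fast-import stream carries a top-level feature export-marks=<path> command before it is handed to git fast-import. The stream grammar handled here (one command per line, data <count> and data <<DELIM blocks) follows the fast-import format as generally documented; the sample stream, its path and its committer are constructed for the example.

```python
"""Added example for ASA-2019-00661 / CVE-2019-1348 (not the advisory's or
Git's own code).

1. is_affected(): compare a git version string against the per-branch fixed
   versions listed in the advisory.
2. find_export_marks(): scan a fast-import stream for the in-stream
   'feature export-marks=<path>' command, skipping 'data' blocks so the same
   text inside a blob or commit message is not mistaken for a command.
"""
import re
from typing import List, Tuple

# First fixed patch level per minor branch, taken from "Fixed version(s)".
FIXED_PATCH = {
    (2, 24): 1, (2, 23): 1, (2, 22): 2, (2, 21): 1, (2, 20): 2, (2, 19): 3,
    (2, 18): 2, (2, 17): 3, (2, 16): 6, (2, 15): 4, (2, 14): 6,
}

_VERSION_RE = re.compile(r"^(?:git version )?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse '2.24.0', 'git version 2.17.1' or '2.20' into (major, minor, patch)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised git version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_affected(text: str) -> bool:
    """True if the version lies in one of the advisory's affected ranges.

    Branches not listed on the page (older than 2.14 or newer than 2.24) are
    reported as not affected by *this table*; the function does not guess.
    """
    major, minor, patch = parse_version(text)
    fixed = FIXED_PATCH.get((major, minor))
    return fixed is not None and patch < fixed


FEATURE_PREFIX = b"feature export-marks="


def find_export_marks(stream: bytes) -> List[str]:
    """Return the path of every top-level 'feature export-marks=' command.

    'data <count>' blocks are skipped by byte count (plus the optional
    trailing LF fast-import allows); 'data <<DELIM' blocks are skipped up to
    the line consisting solely of the delimiter.
    """
    found: List[str] = []
    pos, n = 0, len(stream)
    while pos < n:
        nl = stream.find(b"\n", pos)
        if nl == -1:
            nl = n
        line = stream[pos:nl]
        pos = nl + 1
        if line.startswith(FEATURE_PREFIX):
            found.append(line[len(FEATURE_PREFIX):].decode("utf-8", "replace"))
        elif line.startswith(b"data <<"):
            terminator = b"\n" + line[len(b"data <<"):] + b"\n"
            # Search from the LF that ended the 'data' line so an empty block
            # (delimiter on the very next line) is also recognised.
            end = stream.find(terminator, pos - 1)
            if end == -1:
                raise ValueError("unterminated delimited data block")
            pos = end + len(terminator)
        elif line.startswith(b"data "):
            pos += int(line[len(b"data "):])
            if pos < n and stream[pos:pos + 1] == b"\n":
                pos += 1
    return found


# Constructed sample stream: one real in-stream export-marks command, plus the
# same text inside a counted blob and a delimited commit message (decoys).
_BLOB = b"feature export-marks=not-a-command\n"
SAMPLE_STREAM = (
    b"feature done\n"
    b"feature export-marks=/tmp/constructed-marks-path\n"
    b"blob\n"
    b"mark :1\n"
    + b"data %d\n" % len(_BLOB) + _BLOB
    + b"commit refs/heads/main\n"
    b"committer Example <example@example.invalid> 1576108800 +0000\n"
    b"data <<EOF\n"
    b"feature export-marks=still-not-a-command\n"
    b"EOF\n"
    b"M 100644 :1 notes.txt\n"
    b"done\n"
)

if __name__ == "__main__":
    for v in ("git version 2.24.0", "2.24.1", "2.17.2", "2.25.0"):
        print(f"{v:22} affected={is_affected(v)}")
    print("export-marks paths:", find_export_marks(SAMPLE_STREAM))
```

Run the file directly to see the version checks and the single flagged path; a stream that yields a non-empty list should be rejected (or rewritten) before it reaches a git fast-import that has not been updated to one of the fixed versions.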

Technical details

Unknown

Credits

Unknown

Reference(s)

[ANNOUNCE] Git v2.24.1 and others
https://lkml.org/lkml/2019/12/10/905

fast-import: disallow “feature export-marks” by default
https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0

fast-import: disallow “feature export-marks” by default
https://github.com/git/git/commit/68061e3470210703cb15594194718d35094afdc0

Git v2.24.1 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.24.1.txt

Git v2.23.1 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.23.1.txt

Git v2.22.2 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.22.2.txt

Git v2.21.1 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.21.1.txt

Git v2.20.2 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.20.2.txt

Git v2.19.3 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.19.3.txt

Git v2.18.2 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.18.2.txt

Git v2.17.3 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.17.3.txt

Git v2.16.6 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.16.6.txt

Git v2.15.4 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.15.4.txt

Git v2.14.6 Release Notes
https://github.com/git/git/blob/master/Documentation/RelNotes/2.14.6.txt

CVE-2019-1348
https://security.archlinux.org/CVE-2019-1348

CVE-2019-1348 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-1348

CVE-2019-1348 in Ubuntu
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1348.html

CVE-2019-1348
https://security-tracker.debian.org/tracker/CVE-2019-1348

CVE-2019-1348
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348

CVE-2019-1348
https://nvd.nist.gov/vuln/detail/CVE-2019-1348

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: December 12, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.