Vulnerability Details : CVE-2022-29187
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 is vulnerable to privilege escalation on all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by root but where an attacker could create a git repository: the ownership check added for CVE-2022-24765 verified the owner of the directory being searched, not the owner of the .git entry found inside it, so a .git planted by another user in a root-owned, world-writable directory was still accepted (hence the advisory title "Bypass of safe.directory protections"). Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue.

The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or as an Administrator on Windows), and, if that is necessary, to reduce its use to a minimum. While a generic workaround is not possible, a system can be hardened against the exploit described in the example by removing any such repository if one already exists and creating one as root to block any future attacks.
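The version check, the search for a foreign repository in a shared directory, and the hardening step from the description above, as an added example (this is not code from the advisory, the git project, or any distribution listed on this page). Function names and the script name are this example's own; the patched-version table is the one in the description; "creating one as root" is read here as an empty, root-owned .git directory rather than a full git init, and the --fix step assumes it is run as root or as the directory's owner:

```shell
#!/bin/sh
# Added example for CVE-2022-29187 (not from the advisory or the git project).
#   git_is_fixed     - is this git at or past the patched release of its series?
#   foreign_git_in   - does a root-owned, world-writable dir hold someone else's .git?
#   block_git_in     - remove it and plant a root-owned placeholder (run as root)
# Assumes POSIX sh with find, ls and awk.

# Exit 0 if version $1 (as printed by "git --version", e.g. 2.36.1 or
# 2.37.1.windows.1) is at or after the patched release of its minor series,
# 1 if it is still vulnerable, 2 if the series lies outside 2.30..2.37 and
# must be checked against the release notes instead.
git_is_fixed() {
    v=$1
    major=${v%%.*}
    rest=${v#*.}
    case $rest in
        *.*) minor=${rest%%.*}; patch=${rest#*.} ;;
        *)   minor=$rest;       patch=0 ;;
    esac
    patch=${patch%%[!0-9]*}          # drop suffixes such as ".windows.1" or "-rc0"
    [ "$major" = 2 ] || return 2
    case $minor in
        30) need=5 ;; 31) need=4 ;; 32) need=3 ;; 33) need=4 ;;
        34) need=4 ;; 35) need=4 ;; 36) need=2 ;; 37) need=1 ;;
        *)  [ "$minor" -gt 37 ] 2>/dev/null && return 0; return 2 ;;
    esac
    [ "${patch:-0}" -ge "$need" ]
}

# Print the ".git" entry directly inside directory $1 (directory, gitfile or
# symlink) if its owner differs from the owner of $1.  A root-owned /tmp in
# which any user may create entries is exactly the layout the description
# warns about: root's own directory, someone else's repository inside it.
foreign_git_in() {
    dir=$1
    [ -e "$dir/.git" ] || [ -L "$dir/.git" ] || return 0
    owner=$(ls -ld "$dir" | awk '{ print $3 }')
    find "$dir/.git" -prune ! -user "$owner"
}

# Walk every world-writable directory at or below $1 (sticky-bit shared
# directories are the usual suspects) and report foreign ".git" entries.
scan_shared_dirs() {
    find "$1" -xdev -type d -perm -0002 2>/dev/null | while IFS= read -r d; do
        foreign_git_in "$d"
    done
}

# Hardening from the description: remove the foreign repository, then create
# an empty, root-owned ".git" in its place.  With the sticky bit set on $1,
# other users cannot delete or rename an entry they do not own, so they can
# no longer plant a repository there.  git treats an empty ".git" as "not a
# repository" and keeps searching upwards, so root's git behaviour in $1 is
# otherwise unchanged.
block_git_in() {
    dir=$1
    [ -n "$dir" ] && [ -d "$dir" ] || return 1
    rm -rf "$dir/.git"
    mkdir -m 0755 "$dir/.git"
}

# Usage (script name is this example's own): sh harden-git-tmp.sh [DIR] [--fix]
main() {
    root=${1:-/tmp}
    fix=${2:-}
    if v=$(git --version 2>/dev/null | awk '{ print $3 }') && [ -n "$v" ]; then
        if git_is_fixed "$v"; then
            echo "git $v: at or past the patched release of its series"
        else
            echo "git $v: NOT known to be patched for CVE-2022-29187"
        fi
    fi
    scan_shared_dirs "$root" | while IFS= read -r g; do
        echo "foreign .git: $g"
        if [ "$fix" = "--fix" ]; then block_git_in "${g%/.git}"; fi
    done
}

if [ $# -gt 0 ]; then main "$@"; fi
```

Run it without --fix first, as any user, to see what is there; the --fix pass needs to run as the owner of the shared directory (root for /tmp), because only that user can remove another user's entry from a sticky directory. The ownership comparison is the whole point: with CVE-2022-24765 alone, a .git owned by another user inside a directory owned by root passed the check, and this scan flags exactly that combination.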
Vulnerability category: Gain privilege
Products affected by CVE-2022-29187
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
- cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-29187
EPSS score: 0.05% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~14% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2022-29187
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9 | MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C (CVSS v2) | 3.4 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | GitHub, Inc. | |
CWE ids for CVE-2022-29187
- The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource. Assigned by: security-advisories@github.com (Primary)
- The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. Assigned by: nvd@nist.gov (Secondary); security-advisories@github.com (Primary)
References for CVE-2022-29187
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/
  [SECURITY] Fedora 36 Update: libgit2-1.3.2-1.fc36 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/
  [SECURITY] Fedora 36 Update: git-2.37.1-1.fc36 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://support.apple.com/kb/HT213496
  About the security content of Xcode 14.1 - Apple Support (Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/
  [SECURITY] Fedora 35 Update: git-2.37.1-1.fc35 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/
  [SECURITY] Fedora 36 Update: rust-bat-0.21.0-6.fc36 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://lore.kernel.org/git/xmqqv8s2fefi.fsf@gitster.g/T/#u
  [ANNOUNCE] Git v2.37.1 and others (Mailing List; Release Notes; Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2022/07/14/1
  oss-security - Git v2.37.1 and friends for CVE-2022-29187 (Mailing List; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/
  [SECURITY] Fedora 37 Update: libgit2-1.3.2-1.fc37 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://security.gentoo.org/glsa/202312-15
  Git: Multiple Vulnerabilities (GLSA 202312-15) — Gentoo security
- https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html
  [SECURITY] [DLA 3239-1] git security update (Mailing List; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/
  [SECURITY] Fedora 37 Update: rust-cargo-c-0.9.12-3.fc37 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://github.blog/2022-04-12-git-security-vulnerability-announced
  Git security vulnerability announced | The GitHub Blog (Third Party Advisory)
- https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v
  Bypass of safe.directory protections · Advisory · git/git · GitHub (Third Party Advisory)
- https://security.gentoo.org/glsa/202401-17
  libgit2: Privilege Escalation Vulnerability (GLSA 202401-17) — Gentoo security
- http://seclists.org/fulldisclosure/2022/Nov/1
  Full Disclosure: APPLE-SA-2022-11-01-1 Xcode 14.1 (Mailing List; Third Party Advisory)