A critical vulnerability in Git, known as CVE-2024-32002, has recently emerged, posing substantial risks to users of this popular version control system. This vulnerability facilitates remote code execution (RCE) during repository cloning with submodules, and the release of proof-of-concept (PoC) exploits has heightened concerns within the cybersecurity community, as noted in a tweet by ThreatMon.
CVE-2024-32002
The CVE-2024-32002 vulnerability exploits an interaction between case-insensitive filesystems and symbolic links. Attackers can manipulate Git into running a malicious hook script by creating a repository with a crafted submodule and symbolic link during cloning.
To mitigate risks from CVE-2024-32002, users should disable symbolic link support in Git using the command git config –global core.symlinks false. Additionally, it’s vital to avoid cloning repositories from untrusted sources.
Git has issued patches in versions v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4 to fix this and other vulnerabilities, including CVE-2024-32004, which also permits RCE but in different circumstances.
Given Git’s widespread use in software development, including platforms like GitHub and GitLab, this vulnerability has significant potential impact.
For users unable to update immediately, caution is recommended when cloning repositories from untrusted sources.
The cybersecurity community remains vigilant, actively working to bolster the security of Git and associated tools.
For comprehensive details and updates, visit the Git Security page on GitHub. Stay informed about the latest advisories and security concerns related to Git.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment