Ubuntu update for Git



Published: 2019-12-12
Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2019-1354
CVE-2019-1387
CVE-2019-19604
CVE-2019-1353
CVE-2019-1352
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1348
CWE-ID CWE-20
CWE-78
CWE-276
CWE-36
CWE-22
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe 		git (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU23491

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1354

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU23488

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1387

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system. 

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) OS Command Injection

EUVDB-ID: #VU23556

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-19604

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to a "git submodule update" operation can run commands found in the ".gitmodules" file of a malicious repository. A remote unauthenticated attacker can execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Incorrect default permissions

EUVDB-ID: #VU23555

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1353

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists to due none of the NTFS protections are active when accessing a working directory on a regular Windows drive. A local user with access to the system can view contents of files and directories or modify them.

Note: This vulnerability occurs when running Git in the Windows Subsystem for Linux (also known as "WSL").

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU23492

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1352

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU23494

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1349

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU23493

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1350

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the Git for Visual Studio. A remote attacker can convince the user to clone a malicious repo and execute arbitrary code on the target system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Absolute Path Traversal

EUVDB-ID: #VU23500

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1351

CWE-ID: CWE-36 - Absolute Path Traversal

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to the Git for Visual Studio improperly handles virtual drive paths. A remote attacker can clone a file using a specially crafted path and write arbitrary files and directories to certain locations on a vulnerable system.


Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Path traversal

EUVDB-ID: #VU23554

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1348

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when the export-marks option of git fast-import is exposed also via the in-stream command feature. A remote attacker can send a specially crafted HTTP request and overwrite arbitrary paths on the system.

Mitigation

Update the affected packages.

Ubuntu 19.10
git - 1:2.20.1-2ubuntu1.19.10.1
Ubuntu 19.04
git - 1:2.20.1-2ubuntu1.19.04.1
Ubuntu 18.04 LTS
git - 1:2.17.1-1ubuntu0.5
Ubuntu 16.04 LTS
git - 1:2.7.4-0ubuntu1.7

Vulnerable software versions

git (Ubuntu package): 1:2.7.4-0ubuntu1.1 - 1:2.17.1-1ubuntu0.4

External links

http://usn.ubuntu.com/4220-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###