openEuler update for git

Published: 2023-02-03

Risk	High
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2022-41953
CWE-ID	CWE-426
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	openEuler Operating systems & Components / Operating system perl-Git-SVN Operating systems & Components / Operating system package or component git-svn Operating systems & Components / Operating system package or component git-web Operating systems & Components / Operating system package or component git-help Operating systems & Components / Operating system package or component git-gui Operating systems & Components / Operating system package or component git-email Operating systems & Components / Operating system package or component perl-Git Operating systems & Components / Operating system package or component gitk Operating systems & Components / Operating system package or component git-daemon Operating systems & Components / Operating system package or component git-debugsource Operating systems & Components / Operating system package or component git-debuginfo Operating systems & Components / Operating system package or component git Operating systems & Components / Operating system package or component
Vendor	openEuler

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Untrusted search path

EUVDB-ID: #VU71240

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2022-41953

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insecure implementation of the Git GUI's Clone function, which automatically searches and executes the aspell.exe file after cloning the repository. A remote attacker can trick the victim into cloning a malicious repository and execute arbitrary code on the system by including the malicious aspell.exe file into the repository.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS SP1 - 22.03 LTS SP1

perl-Git-SVN: before 2.27.0-11

git-svn: before 2.27.0-11

git-web: before 2.27.0-11

git-help: before 2.27.0-11

git-gui: before 2.27.0-11

git-email: before 2.27.0-11

perl-Git: before 2.27.0-11

gitk: before 2.27.0-11

git-daemon: before 2.27.0-11

git-debugsource: before 2.27.0-11

git-debuginfo: before 2.27.0-11

git: before 2.27.0-11

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1059

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.