Fedora 29 : git (2018-06090dff59)

critical Nessus Plugin ID 120213
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Fedora host is missing a security update.

Description

Upstream security update resolving an issue with `git clone
--recurse-submodules`.

From the [upstream release announcement](https://public-inbox.org/git/[email protected] .c.googlers.com/) :

> These releases fix a security flaw (CVE-2018-17456), which allowed an > attacker to execute arbitrary code by crafting a malicious .gitmodules > file in a project cloned with --recurse-submodules. > > When running 'git clone --recurse-submodules', Git parses the supplied > .gitmodules file for a URL field and blindly passes it as an argument > to a 'git clone' subprocess. If the URL field is set to a string that > begins with a dash, this 'git clone' subprocess interprets the URL as > an option. This can lead to executing an arbitrary script shipped in > the superproject as the user who ran 'git clone'. > > In addition to fixing the security issue for the user running 'clone', > the 2.17.2, 2.18.1 and 2.19.1 releases have an 'fsck' check which can > be used to detect such malicious repository content when fetching or > accepting a push. See 'transfer.fsckObjects' in git-config(1). > > Credit for finding and fixing this vulnerability goes to joernchen > and Jeff King, respectively.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected git package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2018-06090dff59

Plugin Details

Severity: Critical

ID: 120213

File Name: fedora_2018-06090dff59.nasl

Version: 1.7

Type: local

Agent: unix

Published: 1/3/2019

Updated: 1/6/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:F/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:git, cpe:/o:fedoraproject:fedora:29

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/9/2018

Vulnerability Publication Date: 10/6/2018

Exploitable With

Metasploit (Malicious Git HTTP Server For CVE-2018-17456)

Reference Information

CVE: CVE-2018-17456