 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.12.2024.6793.1 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-6793-1) |
| Summary: | The remote host is missing an update for the 'git' package(s) announced via the USN-6793-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'git' package(s) announced via the USN-6793-1 advisory. Vulnerability Insight: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-32002) It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-32004) It was discovered that Git incorrectly handled local clones with hardlinked files/directories. An attacker could possibly use this issue to place a specialized repository on their target's local system. (CVE-2024-32020) It was discovered that Git incorrectly handled certain symlinks. An attacker could possibly use this issue to impact availability and integrity creating hardlinked arbitrary files into users repository's objects/directory. (CVE-2024-32021) It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-32465) Affected Software/OS: 'git' package(s) on Ubuntu 20.04, Ubuntu 22.04, Ubuntu 23.10, Ubuntu 24.04. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-32002 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/ https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv http://www.openwall.com/lists/oss-security/2024/05/14/2 Common Vulnerability Exposure (CVE) ID: CVE-2024-32004 https://git-scm.com/docs/git-clone https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8 https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389 Common Vulnerability Exposure (CVE) ID: CVE-2024-32020 https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703 https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj Common Vulnerability Exposure (CVE) ID: CVE-2024-32021 https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7 Common Vulnerability Exposure (CVE) ID: CVE-2024-32465 https://git-scm.com/docs/git#_security https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7 https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |