Bug 2188333 (CVE-2023-25652) - CVE-2023-25652 git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-25652
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2188350 2188351 2188352 2188353 2188354 2188355 2188356 2188357 2188359 2188362 2188364 2188366 2188368 2189765 2189766 2189767
Blocks:
Reported: 2023-04-20 13:46 UTC by Sandipan Roy
Modified: 2023-06-26 18:13 UTC
CC List: 36 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch.
Clone Of:
Environment:
Last Closed: 2023-05-31 18:33:28 UTC
Embargoed:


Attachments


Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHBA-2023:3250  0        None      None    None     2023-05-22 10:37:54 UTC
Red Hat Product Errata  RHBA-2023:3251  0        None      None    None     2023-05-22 11:26:46 UTC
Red Hat Product Errata  RHBA-2023:3252  0        None      None    None     2023-05-22 11:28:58 UTC
Red Hat Product Errata  RHBA-2023:3253  0        None      None    None     2023-05-22 11:29:03 UTC
Red Hat Product Errata  RHBA-2023:3254  0        None      None    None     2023-05-22 14:34:41 UTC
Red Hat Product Errata  RHBA-2023:3255  0        None      None    None     2023-05-22 16:25:01 UTC
Red Hat Product Errata  RHBA-2023:3274  0        None      None    None     2023-05-23 13:14:02 UTC
Red Hat Product Errata  RHBA-2023:3275  0        None      None    None     2023-05-23 13:42:40 UTC
Red Hat Product Errata  RHBA-2023:3284  0        None      None    None     2023-05-24 05:17:41 UTC
Red Hat Product Errata  RHBA-2023:3285  0        None      None    None     2023-05-24 05:19:06 UTC
Red Hat Product Errata  RHBA-2023:3312  0        None      None    None     2023-05-25 09:42:11 UTC
Red Hat Product Errata  RHBA-2023:3313  0        None      None    None     2023-05-25 09:18:54 UTC
Red Hat Product Errata  RHBA-2023:3314  0        None      None    None     2023-05-25 09:42:05 UTC
Red Hat Product Errata  RHBA-2023:3315  0        None      None    None     2023-05-25 09:43:59 UTC
Red Hat Product Errata  RHBA-2023:3316  0        None      None    None     2023-05-25 09:42:21 UTC
Red Hat Product Errata  RHBA-2023:3317  0        None      None    None     2023-05-25 09:52:42 UTC
Red Hat Product Errata  RHBA-2023:3324  0        None      None    None     2023-05-25 13:45:36 UTC
Red Hat Product Errata  RHBA-2023:3337  0        None      None    None     2023-05-29 00:39:15 UTC
Red Hat Product Errata  RHBA-2023:3405  0        None      None    None     2023-05-31 17:26:50 UTC
Red Hat Product Errata  RHBA-2023:3417  0        None      None    None     2023-05-31 21:26:04 UTC
Red Hat Product Errata  RHBA-2023:3528  0        None      None    None     2023-06-07 08:54:03 UTC
Red Hat Product Errata  RHBA-2023:3643  0        None      None    None     2023-06-15 16:29:45 UTC
Red Hat Product Errata  RHBA-2023:3659  0        None      None    None     2023-06-19 06:24:03 UTC
Red Hat Product Errata  RHBA-2023:3806  0        None      None    None     2023-06-26 18:13:51 UTC
Red Hat Product Errata  RHSA-2023:3192  0        None      None    None     2023-05-17 15:20:38 UTC
Red Hat Product Errata  RHSA-2023:3243  0        None      None    None     2023-05-22 06:50:45 UTC
Red Hat Product Errata  RHSA-2023:3245  0        None      None    None     2023-05-22 07:04:03 UTC
Red Hat Product Errata  RHSA-2023:3246  0        None      None    None     2023-05-22 07:04:41 UTC
Red Hat Product Errata  RHSA-2023:3247  0        None      None    None     2023-05-22 07:07:41 UTC
Red Hat Product Errata  RHSA-2023:3248  0        None      None    None     2023-05-22 07:03:53 UTC
Red Hat Product Errata  RHSA-2023:3263  0        None      None    None     2023-05-23 09:16:57 UTC
Red Hat Product Errata  RHSA-2023:3280  0        None      None    None     2023-05-23 14:44:23 UTC
Red Hat Product Errata  RHSA-2023:3382  0        None      None    None     2023-05-31 14:14:27 UTC

Description Sandipan Roy 2023-04-20 13:46:43 UTC
CVE-2023-25652
By feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch.

Comment 3 Sandipan Roy 2023-04-26 05:55:40 UTC
Created git tracking bugs for this issue:

Affects: fedora-36 [bug 2189765]
Affects: fedora-37 [bug 2189766]
Affects: fedora-38 [bug 2189767]

Comment 5 errata-xmlrpc 2023-05-17 15:20:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:3192 https://access.redhat.com/errata/RHSA-2023:3192

Comment 6 errata-xmlrpc 2023-05-22 06:50:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:3243 https://access.redhat.com/errata/RHSA-2023:3243

Comment 7 errata-xmlrpc 2023-05-22 07:03:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:3248 https://access.redhat.com/errata/RHSA-2023:3248

Comment 8 errata-xmlrpc 2023-05-22 07:04:01 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:3245 https://access.redhat.com/errata/RHSA-2023:3245

Comment 9 errata-xmlrpc 2023-05-22 07:04:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:3246 https://access.redhat.com/errata/RHSA-2023:3246

Comment 10 errata-xmlrpc 2023-05-22 07:07:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:3247 https://access.redhat.com/errata/RHSA-2023:3247

Comment 11 errata-xmlrpc 2023-05-23 09:16:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:3263 https://access.redhat.com/errata/RHSA-2023:3263

Comment 12 errata-xmlrpc 2023-05-23 14:44:20 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2023:3280 https://access.redhat.com/errata/RHSA-2023:3280

Comment 13 errata-xmlrpc 2023-05-31 14:14:24 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2023:3382 https://access.redhat.com/errata/RHSA-2023:3382

Comment 14 Product Security DevOps Team 2023-05-31 18:33:24 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-25652
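
A practical follow-up to the description and the errata above: an added example (not part of this bug report, and not Git's or Red Hat's own tooling) that decides whether a host's git carries the fix for CVE-2023-25652. It uses two kinds of evidence, because they differ by deployment model. For upstream or source builds it compares `git --version` against the first fixed release of each maintained series; that release list is an assumption taken from the upstream Git releases of 2023-04-25, not something this page states. For Red Hat packages the fix is backported without changing the upstream version string, so the script instead looks for the CVE id in `rpm -q --changelog git`, which is where the errata listed above record backported fixes. The version strings and the changelog excerpt used as samples are constructed, not captured from a real host.

```python
"""Added example: is this host's git patched for CVE-2023-25652?

Two checks, because the two usual deployment models need different evidence:
  1. upstream/source builds: compare `git --version` against the first upstream
     release of each maintained series that carried the fix (assumed from the
     upstream Git releases of 2023-04-25; this bug page lists only Red Hat errata);
  2. Red Hat packages: the fix is backported without changing the upstream
     version string, so look for the CVE id in `rpm -q --changelog git` instead.
"""
import re
import subprocess
from typing import Optional, Tuple

CVE = "CVE-2023-25652"

# Assumption: first fixed upstream release per maintained series (2023-04-25 releases).
FIXED_UPSTREAM = {
    (2, 30): (2, 30, 9), (2, 31): (2, 31, 8), (2, 32): (2, 32, 7),
    (2, 33): (2, 33, 8), (2, 34): (2, 34, 8), (2, 35): (2, 35, 8),
    (2, 36): (2, 36, 6), (2, 37): (2, 37, 7), (2, 38): (2, 38, 5),
    (2, 39): (2, 39, 3), (2, 40): (2, 40, 1),
}
NEWEST_FIXED_SERIES = (2, 40)  # 2.41.0 and later were cut after the fix landed

_VERSION_RE = re.compile(r"git version (\d+)\.(\d+)\.(\d+)")


def parse_git_version(output: str) -> Optional[Tuple[int, int, int]]:
    """(major, minor, patch) from `git --version` output such as
    'git version 2.39.3' or 'git version 2.39.3 (Apple Git-145)'; None otherwise."""
    m = _VERSION_RE.search(output)
    return tuple(int(x) for x in m.groups()) if m else None  # type: ignore[return-value]


def upstream_is_fixed(version: Tuple[int, int, int]) -> bool:
    """True when an upstream build of this exact version contains the fix."""
    series = version[:2]
    if series in FIXED_UPSTREAM:
        return version >= FIXED_UPSTREAM[series]
    # Series newer than 2.40 postdate the fix; series older than 2.30 never received it.
    return series > NEWEST_FIXED_SERIES


def changelog_mentions_cve(changelog: str, cve: str = CVE) -> bool:
    """Red Hat builds record backported security fixes by CVE id in the RPM
    changelog, so a hit means the build is fixed whatever its version string says."""
    return cve.lower() in changelog.lower()


def assess(version_output: str, changelog: str = "") -> str:
    """Verdict: 'fixed (changelog)', 'fixed (upstream version)', 'vulnerable' or 'unknown'.
    Changelog evidence wins because distro backports keep the old version number."""
    if changelog_mentions_cve(changelog):
        return "fixed (changelog)"
    version = parse_git_version(version_output)
    if version is None:
        return "unknown"
    return "fixed (upstream version)" if upstream_is_fixed(version) else "vulnerable"


def check_local_host() -> str:
    """Run both checks against the local git; tolerate hosts without rpm."""
    try:
        version_output = subprocess.run(
            ["git", "--version"], capture_output=True, text=True, check=True
        ).stdout
    except (OSError, subprocess.CalledProcessError):
        return "unknown"
    changelog = ""
    try:  # no rpm binary (Debian, macOS, ...) just means no changelog evidence
        changelog = subprocess.run(
            ["rpm", "-q", "--changelog", "git"], capture_output=True, text=True
        ).stdout
    except OSError:
        pass
    return assess(version_output, changelog)


# Constructed sample inputs (not captured from a real host).
SAMPLE_UNPATCHED_VERSION = "git version 2.39.1"
SAMPLE_PATCHED_VERSION = "git version 2.40.1"
SAMPLE_RHEL_CHANGELOG = (
    "* Tue May 02 2023 Example Packager <packager@example.com> - 2.39.1-1.example\n"
    "- Resolves: CVE-2023-25652 (git apply --reject writes outside the working tree)\n"
)

if __name__ == "__main__":
    print("sample unpatched:", assess(SAMPLE_UNPATCHED_VERSION))
    print("sample patched upstream:", assess(SAMPLE_PATCHED_VERSION))
    print("sample RHEL backport:", assess(SAMPLE_UNPATCHED_VERSION, SAMPLE_RHEL_CHANGELOG))
    print("this host:", check_local_host())
```

The caveat the verdict encodes: on a distribution package, a "vulnerable" result from the version check alone is not conclusive, because a backported build keeps its upstream version string; supply the RPM changelog (or the equivalent package metadata on other distributions) before concluding. Until a host is patched, do not run `git apply --reject` on patches from untrusted sources, since the writes this bug describes happen only on the `--reject` path.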
