Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Ubuntu 22.04: USN-5511-1 Critical: Git Command Execution Risk

Calendar Jul 13, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical ubuntu arbitrary command attack vector administrative access git
Git could be made to run arbitrary commands as an administrator if it received specially crafted inputs. 
=========================================================================Ubuntu Security Notice USN-5511-1
July 13, 2022

git vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Git could be made to run arbitrary commands as an administrator
if it received specially crafted inputs.

Software Description:
- git: fast, scalable, distributed revision control system

Details:

Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765
still affected Git. An attacker could possibly use this issue to
run arbitrary commands as administrator. (CVE-2022-29187)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  git                             1:2.34.1-1ubuntu1.4

Ubuntu 21.10:
  git                             1:2.32.0-1ubuntu1.3

Ubuntu 20.04 LTS:
  git                             1:2.25.1-1ubuntu3.5

Ubuntu 18.04 LTS:
  git                             1:2.17.1-1ubuntu0.12

In general, a standard system update will make all the necessary changes.

References:
  
  CVE-2022-29187

Package Information:
  https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.4
  https://launchpad.net/ubuntu/+source/git/1:2.32.0-1ubuntu1.3
  https://launchpad.net/ubuntu/+source/git/1:2.25.1-1ubuntu3.5
  https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.12

Ubuntu 22.04: USN-5511-1 Critical: Git Command Execution Risk

ubuntu
Calendar Grey July 13, 2022
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5512-1 addresses vulnerabilities in Samba that could lead to unauthorized access and data leakage through manipulated requests.
Git could be made to run arbitrary commands as an administrator if it received specially crafted inputs.

Summary

Topics%20covered

Topics Covered

security advisory critical ubuntu arbitrary command attack vector administrative access git

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: git 1:2.34.1-1ubuntu1.4 Ubuntu 21.10: git 1:2.32.0-1ubuntu1.3 Ubuntu 20.04 LTS: git 1:2.25.1-1ubuntu3.5 Ubuntu 18.04 LTS: git 1:2.17.1-1ubuntu0.12 In general, a standard system update will make all the necessary changes.

References

CVE-2022-29187

Severity
critical
Lowest
Low
Medium
High
Critical

July 13, 2022

Topics%20covered

Topics Covered

security advisory critical ubuntu arbitrary command attack vector administrative access git

Package Information

https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.4 https://launchpad.net/ubuntu/+source/git/1:2.32.0-1ubuntu1.3 https://launchpad.net/ubuntu/+source/git/1:2.25.1-1ubuntu3.5 https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.12

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here