Git Patches Critical RCE Vulnerabilities – CVE-2024-32002 & CVE-2024-32004

CVE-2024-32002

The Git project, a cornerstone of software development, has recently addressed a series of critical security vulnerabilities that could expose users to remote code execution (CVE-2024-32002, CVE-2024-32004) and unauthorized data manipulation.

CVE-2024-32002

Critical Flaws Discovered:

Among the most severe vulnerabilities is CVE-2024-32002 (CVSS 9.1), which could allow an attacker to execute arbitrary code remotely by exploiting a bug in Git’s handling of submodules during cloning. This flaw has been identified in the way Git handles recursive clones on case-insensitive filesystems that support symbolic links. Repositories with submodules can be crafted to exploit this bug, causing Git to mistakenly write files into the .git/ directory instead of the submodule’s worktree. This allows an attacker to write a hook that executes during the clone operation, leaving users no opportunity to inspect the code.

Additionally, CVE-2024-32004 (CVSS 8.2) enables remote code execution when cloning specially crafted local repositories.

Other vulnerabilities, such as CVE-2024-32021 and CVE-2024-32020, could allow attackers to manipulate files within a cloned repository’s object database, potentially leading to unauthorized access or data corruption.

Furthermore, CVE-2024-32465 (CVSS 7.4) exposes a flaw that allows attackers to bypass Git’s protections for cloning untrusted repositories, opening the door to potential code execution through malicious hooks.

Immediate Action Required:

To safeguard against these vulnerabilities, Git users are strongly urged to update to the latest versions: v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4. While workarounds exist for some vulnerabilities, such as disabling symbolic link support, the most effective solution is to apply the official patches.