Intrusion PreventionGit.Patch.Reject.Arbitrary.File.Write
Description
This indicates an attack attempt to exploit an Arbitrary File Write Vulnerability in GIT.
This vulnerability is due to improper handling of patch files in the git apply feature. A remote attacker could exploit this vulnerability by enticing a user to apply a malicious patch. Successfully exploiting this vulnerability could result in arbitrary file overwrite in the target user's system.
Affected Products
GIT GIT 2.30.X prior to 2.30.9
GIT GIT 2.31.X prior to 2.31.8
GIT GIT 2.32.X prior to 2.32.7
GIT GIT 2.33.X prior to 2.33.8
GIT GIT 2.34.X prior to 2.34.8
GIT GIT 2.35.X prior to 2.35.8
GIT GIT 2.36.X prior to 2.36.6
GIT GIT 2.37.X prior to 2.37.7
GIT GIT 2.38.X prior to 2.38.5
GIT GIT 2.39.X prior to 2.39.3
GIT GIT 2.40.X prior to 2.40.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-06-10 | 28.803 | Name:Git. Source. Code. Management. Patch. Reject. Arbitrary. File. Write:Git. Patch. Reject. Arbitrary. File. Write |
| 2023-07-06 | 24.595 | Default_action:pass:drop |
| 2023-06-26 | 24.589 |
| ID | 53301 |
| Created | Jun 15, 2023 |
| Updated | Jun 06, 2024 |
| Risk |
|
| CVE ID | CVE-2023-25652 |
| Exploit Prediction Score | 0.3% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |