PoC Exploit Released for Critical Git RCE Vulnerability

A critical vulnerability in Git, identified as CVE-2024-32002, has recently come to light, posing significant risks to users of the widely used version control system.

The vulnerability allows for remote code execution (RCE) during the cloning of repositories with submodules, and proof-of-concept (PoC) exploits have already been released, raising concerns within the cybersecurity community, a tweet by ThreatMon.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

CVE-2024-32002 – Details of the Vulnerability

The CVE-2024-32002 vulnerability exploits a subtle interaction between case-insensitive filesystems and symbolic links.

By crafting a repository with a specially designed submodule and a symbolic link, attackers can deceive Git into executing a malicious hook script during the clone process.

To mitigate the risks associated with CVE-2024-32002, users are advised to disable symbolic link support in Git by using the command git config –global core.symlinks false. Additionally, it is crucial to avoid cloning repositories from untrusted sources.

Git has released patches in versions v2.45.1, v2.44.1, v2.43.4, v2.42.2, v2.41.1, v2.40.2, and v2.39.4 to address this and other vulnerabilities, including CVE-2024-32004, which also allows RCE but under different conditions.

The widespread use of Git in software development, including platforms like GitHub and GitLab, amplifies the potential impact of this vulnerability.

For those unable to update immediately, caution is advised when cloning repositories from untrusted sources.

The cybersecurity community continues to monitor the situation closely, with ongoing efforts to enhance the security of Git and related tools.

For more detailed information and updates, visit the Git Security page on GitHub and stay informed about the latest advisories and security issues related to Git.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.