PT-2025-28866 · Debian+9 · Debian+10

J6T

·

Publicado

2025-01-01

·

Atualizado

2025-10-09

·

CVE-2025-46835

CVSS v3.1

8.5

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions: git in Debian Linux (affected versions not specified)
Description: A flaw exists in Git GUI that allows for the creation and overwriting of arbitrary writable files. This occurs when a user clones an untrusted repository and is subsequently deceived into modifying a file within a maliciously named directory inside the repository.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Argument Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-88

Identificadores relacionados

ALSA-2025:11462
ALSA-2025:11533
ALSA-2025:11534
ALT-PU-2025-10893
ALT-PU-2025-9420
ALT-PU-2025-9640
BDU:2025-09361
CESA-2025_11534
CVE-2025-46835
DLA-4323-1
ECHO-9190-FA06-2D45
GHSA-XFX7-68V4-V8FG
INFSA-2025_11462
INFSA-2025_11534
OESA-2025-1844
OESA-2025-1845
OESA-2025-1846
OESA-2025-1847
OESA-2025-1848
OESA-2025-1849
OPENSUSE-SU-2025:15337-1
RHSA-2025:11462
RHSA-2025:11533
RHSA-2025:11534
RHSA-2025_11462
RHSA-2025_11534
SUSE-SU-2025:03012-1
SUSE-SU-2025:03022-1
SUSE-SU-2025:03037-1
SUSE-SU-2025:20721-1
SUSE-SU-2025:20855-1
SUSE-SU-2025_03012-1
SUSE-SU-2025_03022-1
SUSE-SU-2025_03037-1
USN-7626-1
USN-7626-2
USN-7626-3

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Git
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu