PT-2023-1321 · Git+10 · Git+10

Joern Schneeweisz

·

Published

2023-01-17

·

Updated

2026-02-13

·

CVE-2022-41903

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Git versions prior to 2.30.7
Description The issue is related to an integer overflow in the pretty.c::format and pad commit() function of the Git distributed revision control system. This overflow can result in arbitrary heap writes, potentially leading to arbitrary code execution. The vulnerability can be triggered directly by a user running a command that invokes the commit formatting machinery, such as git log --format=..., or indirectly through git archive via the export-subst mechanism.
Recommendations For versions prior to 2.30.7, upgrade to a version published on or after 2023-01-17. If an upgrade is not possible, disable git archive in untrusted repositories. If git archive is exposed via git daemon, disable it by running git config --global daemon.uploadArch false.

Exploit

Fix

Heap Based Buffer Overflow

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-190

Related Identifiers

ALSA-2023:0610
ALSA-2023:0611
ALT-PU-2023-1067
ALT-PU-2023-1096
ALT-PU-2023-4135
AZL-13026
BDU:2023-00609
CESA-2023_0610
CESA-2023_0978
CVE-2022-41903
DLA-3282-1
DSA-5332-1
GHSA-475X-2Q3Q-HVWQ
MGASA-2023-0033
OESA-2023-1044
OPENSUSE-SU-2023_0108-1
OPENSUSE-SU-2023_0110-1
OPENSUSE-SU-2024:12625-1
RHSA-2023:0596
RHSA-2023:0597
RHSA-2023:0599
RHSA-2023:0609
RHSA-2023:0610
RHSA-2023:0611
RHSA-2023:0627
RHSA-2023:0628
RHSA-2023:0978
RHSA-2023:1677
RHSA-2023_0610
RHSA-2023_0611
RHSA-2023_0978
RLSA-2023:0610
RLSA-2023:0611
ROSA-SA-2023-2130
ROSA-SA-2024-2398
SUSE-SU-2023:0108-1
SUSE-SU-2023:0109-1
SUSE-SU-2023:0110-1
USN-5810-1
USN-5810-2
USN-5810-3
USN-5810-4

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Git
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu