{"id":"UBUNTU-CVE-2022-24765","details":"Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-git are vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. 
`C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`.","modified":"2026-01-30T01:20:11.182189Z","published":"2022-04-12T17:00:00Z","related":["USN-5376-1","USN-5376-2","USN-5376-3"],"upstream":["CVE-2022-24765"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-24765"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5376-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5376-2"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5376-3"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2022-24765"}],"affected":[{"package":{"name":"git","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/git@1:2.17.1-1ubuntu0.11?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.17.1-1ubuntu0.11"}]}],"versions":["1:2.14.1-1ubuntu4","1:2.15.1-1ubuntu2","1:2.17.0-1ubuntu1","1:2.17.1-1ubuntu0.1","1:2.17.1-1ubuntu0.3","1:2.17.1-1ubuntu0.4","1:2.17.1-1ubuntu0.5","1:2.17.1-1ubuntu0.6","1:2.17.1-1ubuntu0.7","1:2.17.1-1ubuntu0.8","1:2.17.1-1ubuntu0.9","1:2.17.1-1ubuntu0.10"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-all"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-cvs"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-daemon-run"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-daemon-sysvinit"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-el"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-email"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-gui"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-man"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-mediawiki"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"git-svn"},{"binary_version":"1:2.17.1-1ubuntu0.11","binary_name":"gitk"},{"binary_version":"1:2.17.1-1u
buntu0.11","binary_name":"gitweb"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-24765.json"}},{"package":{"name":"git","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/git@1:2.25.1-1ubuntu3.4?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.25.1-1ubuntu3.4"}]}],"versions":["1:2.20.1-2ubuntu1","1:2.24.0-1ubuntu1","1:2.24.0-1ubuntu2","1:2.25.0-1ubuntu1","1:2.25.1-1ubuntu1","1:2.25.1-1ubuntu2","1:2.25.1-1ubuntu3","1:2.25.1-1ubuntu3.1","1:2.25.1-1ubuntu3.2","1:2.25.1-1ubuntu3.3"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-all"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-cvs"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-daemon-run"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-daemon-sysvinit"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-el"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-email"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-gui"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-man"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-mediawiki"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"git-svn"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"gitk"},{"binary_version":"1:2.25.1-1ubuntu3.4","binary_name":"gitweb"}],"availability":"No subscription 
required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-24765.json"}},{"package":{"name":"git","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/git@1:2.34.1-1ubuntu1.2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.34.1-1ubuntu1.2"}]}],"versions":["1:2.32.0-1ubuntu1","1:2.33.1-1ubuntu1","1:2.34.1-1ubuntu1","1:2.34.1-1ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-all"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-cvs"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-daemon-run"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-daemon-sysvinit"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-email"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-gui"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-man"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-mediawiki"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"git-svn"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"gitk"},{"binary_version":"1:2.34.1-1ubuntu1.2","binary_name":"gitweb"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-24765.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]}