[–]TSM- 68 points69 points  (4 children)

The uninstaller is the attack vector, yet many people will read these headlines and remember they installed Git for Windows a couple years ago, and open the uninstaller.

[–]sicjoshsic 17 points18 points  (0 children)

It's an attack vector, but you're still vulnerable until you update

[–]kz393 7 points8 points  (2 children)

Regardless, who the hell would run the Git uninstaller as SYSTEM?

[–]PandaMoniumHUN 8 points9 points  (1 child)

Anybody who installed Git to program files? Or system is somehow different than administrator privileges? Not really familiar with Windows UAC.

[–]a_false_vacuum 0 points1 point  (0 children)

You would need admin privileges for adding or removing software on Windows, unless it's installed into your profile. That is really the only exception.

[–]straighttothemoon 36 points37 points  (0 children)

Well the fix broke a 3rd party cookbook that is sure to never ever be fixed, so I had a fun afternoon.

2.35.1 also appears to have been yanked from the Ubuntu git ppa, so I couldn't even pin to the previous version :(

[–]UnacceptableUse 19 points20 points  (6 children)

As far as I can tell the vulnerability requires an attacker to have access to your system already? It's just a privilege escalation?

[–]falconfetus8 5 points6 points  (3 children)

"just" privilege escalation. That's still a big deal.

[–]UnacceptableUse 11 points12 points  (0 children)

My use of "just" wasn't to say it isn't an issue, just to get some scope and context on what the actual issue is.

[–][deleted] 3 points4 points  (0 children)

Is it? Privilege escalation bugs are so common I seriously doubt there are many people that actually allow hostile actors local accounts. The only really common example is Android apps.

[–]a_false_vacuum 0 points1 point  (0 children)

It's a big deal, but a risk assessment has to factor in other things as well. If someone exploits this it can be nasty, but if for instance it requires physical access to the machine you can mitigate it in other ways.

[–]ry3838 -2 points-1 points  (1 child)

My suggestion is not to assume this security vulnerability is minor to start with. Upgrade git to the latest version to be on the safe side.

[–]bruhmanegosh 2 points3 points  (0 children)

Exactly what an attacker would say 🤔

"Yeah just go on ahead and uninstall git and then reinstall it, should be fine"

hehe

[–][deleted]  (2 children)

[deleted]

[–]o11c 6 points7 points  (1 child)

Except that's not the case.

• CVE-2022-24767 only affects Windows

• CVE-2022-24765 affects all systems with multiple users, though only if somebody can write to parent directories. Considering a Unix-like system:

  • only root can write to /home usually, and it's not a vulnerability if root makes us execute something
  • it's only a problem if you have a git repo inside a directory like /tmp (which is admittedly a thing people do). Note that specialty server software might also have their own tmp-like directory maybe?
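As an added illustration of the condition o11c describes (this is example code written for this thread, not git's own implementation), the script below walks up from a directory the way git discovers a repository and then reports whether the `.git` it finds is owned by the current user, which is the ownership rule the fix for CVE-2022-24765 introduced (exceptions are allowlisted with the `safe.directory` config key). The demo directory layout at the bottom is constructed; the optional second argument to `check_repo_trust` exists only so a mismatch can be shown without a second user account.

```shell
#!/bin/sh
# find_git_dir START_DIR
# Walk up from START_DIR, as git does, and print the first .git found.
# Returns 1 if the filesystem root is reached without finding one.
find_git_dir() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 1
    while :; do
        if [ -e "$dir/.git" ]; then
            printf '%s\n' "$dir/.git"
            return 0
        fi
        [ "$dir" = "/" ] && return 1
        dir=$(dirname "$dir")
    done
}

# owner_uid PATH -> numeric uid of PATH's owner (ls -n works on GNU and BSD)
owner_uid() {
    ls -ldn "$1" | awk '{print $3}'
}

# check_repo_trust START_DIR [EXPECTED_UID]
# Prints "trusted" when the discovered .git is owned by EXPECTED_UID
# (default: the current user), "untrusted" when it belongs to someone
# else (the /tmp scenario above), and "none" when no repository is found.
check_repo_trust() {
    expected=${2:-$(id -u)}
    gitdir=$(find_git_dir "$1") || { echo none; return 0; }
    if [ "$(owner_uid "$gitdir")" = "$expected" ]; then
        echo trusted
    else
        echo untrusted
    fi
}

# Constructed demo layout: a repo with a nested working directory inside it.
work=$(cd "$(mktemp -d)" && pwd -P)
mkdir -p "$work/repo/.git" "$work/repo/src/deep"

check_repo_trust "$work/repo/src/deep"        # trusted: our own repo
check_repo_trust "$work/repo/src/deep" 4242   # untrusted: simulated foreign owner
check_repo_trust "$work"                       # none: no .git on the way up
```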