{"uuid": "1851655f-9b6e-413f-99b8-3f738cbb71d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/462", "content": "\u2757\ufe0f RCE via git clone \u2757\ufe0f\nCVE-2024-32002\nExploitation Difficulty: Easy\n#RCE #CVE #git\n\n\u27a1\ufe0fThe idea that RCE can be achieved with a simple git clone command.\nImportant note: the attack works due to enabled symbolic links, hence the attack can be avoided by disabling them with git config --global core.symlinks false\n\n\u27a1\ufe0fInside Git's workings\nGit is a version control system that tracks changes in code over time. It manages complex projects by breaking them down into smaller, manageable pieces called repositories. To simplify this process even further, Git uses submodules - essentially, repositories nested within other repositories. Remember this concept.\n\nEach submodule resides in a specific directory in the main repository. Git tracks the path to the submodule, ensuring an accurate record of changes. However, there's a catch: in file systems not sensitive to case (like in Windows and macOS by default), A/modules/x and a/modules/x are considered the same path. This seemingly minor detail is the BASIS for CVE-2024-32002.\n\n\u27a1\ufe0fSymbolic Links\nSymbolic links are filesystem objects that serve as pointers to other files or directories. In the context of Git, they can be used to refer to other parts of the repository. Despite their convenience, symlinks can also be used for malicious purposes.\n\n\u27a1\ufe0fChecking changes in commits\nTwo files were changed, builtin/submodule--helper.c and t/t7406-submodule-update", "creation_timestamp": "2024-05-21T13:12:30.000000Z"}