A critical Remote Code Execution (RCE) vulnerability has been identified in the process of cloning Git repositories. This issue arises when repositories containing submodules are manipulated to exploit a flaw in Git, allowing files to be written not in the submodule’s work tree but directly into the “.git/” directory. This exploit causes a hook to execute during the cloning process, giving users no opportunity to inspect or interrupt the code execution. As a result, this vulnerability poses a significant security risk, as it enables automatic code execution without user verification.
Malicious actors can leverage repositories with submodules to exploit this bug, leading to the execution of a hook from the “.git/” directory during the cloning process, and potentially resulting in Remote Code Execution (RCE). This type of attack is especially dangerous because it can provide attackers with control over the system, allowing them to run arbitrary code, install malware, or carry out other malicious actions without the user’s knowledge or consent. The RCE
vulnerability while cloning Git repositories underscores the critical security concern identified as CVE-2024-32002.
Further guidance is available at www.Nangia.com
