Particle.news

CISA Confirms Exploited Git Flaw, Adds CVE-2025-48384 to KEV With Sept. 15 Patch Deadline

The flaw lies in Git's handling of control characters in submodule paths; exploiting it yields arbitrary file writes that can lead to code execution on macOS and Linux.

Overview

  • CISA’s KEV listing makes remediation mandatory for federal civilian agencies by September 15 under BOD 22-01.
  • The vulnerability arises from Git stripping trailing carriage returns on read but preserving them on write, enabling altered submodule paths and unintended hook execution.
  • Git shipped fixes on July 8 in versions 2.43.7 through 2.50.1, and maintainers urge immediate updates on developer workstations and build systems.
  • Researchers at Datadog published proofs of concept and reported early exploit activity, though no public incident details have been released.
  • Alongside the Git issue, CISA also added two medium-severity Citrix Session Recording flaws (CVE-2024-8068, CVE-2024-8069) that were patched by the vendor in November 2024.
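One check a defender can run while updates roll out is to scan the `.gitmodules` files in cloned repositories for submodule entries whose `path` or `url` carries a control character such as a trailing carriage return, the pattern the CVE-2025-48384 summary above describes. The script below is an added example, not code from Git, CISA or Datadog; the `.gitmodules` content it scans is constructed here for illustration.

```python
import re

# Constructed sample .gitmodules content. The second submodule's path ends
# with a carriage return: per the summary above, Git strips it on read but
# preserves it on write, so the path used at checkout can differ from the
# path a naive parser reports.
SAMPLE_GITMODULES = (
    '[submodule "libfoo"]\n'
    '\tpath = vendor/libfoo\n'
    '\turl = https://example.invalid/libfoo.git\n'
    '[submodule "evil"]\n'
    '\tpath = vendor/evil\r\n'
    '\turl = https://example.invalid/evil.git\n'
)

# Any ASCII control character (0x00-0x1F, 0x7F) is suspicious in a path/url.
CONTROL_CHARS = re.compile(r'[\x00-\x1f\x7f]')


def find_control_char_entries(text):
    """Return (section, key, value) for path/url entries holding a control char.

    Splits on '\\n' only and never rstrips values, so a trailing '\\r' that a
    line-oriented tool would silently drop is retained and reported.
    """
    findings = []
    section = None
    for line in text.split('\n'):
        if line.startswith('['):
            section = line.strip()
            continue
        if '=' not in line:
            continue
        key, _, value = line.partition('=')
        key = key.strip()
        value = value.lstrip()          # keep trailing bytes intact
        if key in ('path', 'url') and CONTROL_CHARS.search(value):
            findings.append((section, key, value))
    return findings


def scan_gitmodules_file(filename):
    """Scan a .gitmodules file on disk; newline='' keeps '\\r' untranslated."""
    with open(filename, encoding='utf-8', errors='replace', newline='') as fh:
        return find_control_char_entries(fh.read())


if __name__ == '__main__':
    for section, key, value in find_control_char_entries(SAMPLE_GITMODULES):
        print(f'{section}: {key} contains control characters: {value!r}')
```

Run `scan_gitmodules_file` over each repository's `.gitmodules` on workstations and build systems; any hit is worth inspecting before the submodule is ever checked out.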