USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem.
Original advisory details:
It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-32002)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-all" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-cvs" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-daemon-run" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-daemon-sysvinit" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-dbgsym" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-doc" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-el" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-email" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-gui" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-man" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-mediawiki" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "git-svn" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "gitk" }, { "binary_version": "1:2.25.1-1ubuntu3.13", "binary_name": "gitweb" } ] }