CVE-2025-48384 - [KEV] - CVSS 8.0
Overview
CVE-2025-48384 is a link-following vulnerability in Git arising from inconsistent handling of carriage return (CR) characters when reading and writing configuration values. Git strips trailing CR characters when reading configuration entries but does not quote or escape them when writing, producing a round-trip inconsistency. An attacker who controls repository content (for example, through a crafted submodule path or configuration entry containing a trailing CR) can cause Git to interpret a different path than the one originally written. When combined with submodule hooks or post-checkout actions, this can result in files being written outside the intended submodule directory, leading to arbitrary file write and, in turn, arbitrary code execution upon a recursive clone.
The vulnerability carries a CVSS score of 8.0 and was added to CISA's Known Exploited Vulnerabilities (KEV) catalog on 2025-08-25, indicating confirmed in-the-wild exploitation. The EPSS score of 0.005 reflects limited automated scanning activity, consistent with targeted rather than mass exploitation patterns typical of supply-chain–style abuse against developer workstations and CI systems.
Affected Products
- Git (git-scm.com): Core Git distributions prior to fixed releases (notably v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1).
- Apple Xcode: Bundled Git toolchain within affected Xcode releases; addressed in Apple's subsequent Xcode security update.
- Debian Linux: Distribution packages of Git across supported Debian releases require patched versions via DSA updates.
- Any downstream platform redistributing vulnerable Git binaries (developer tools, CI/CD runners, container base images, IDEs invoking system Git).
Exploitation Evidence
No specific exploitation telemetry, victim reporting, or proof-of-concept attribution is recorded in the available evidence database. However, inclusion in the CISA KEV catalog on 2025-08-25 constitutes authoritative confirmation that active exploitation has been observed. The likely exploitation vector is a malicious repository — hosted publicly or delivered via supply chain — that triggers code execution when a victim performs git clone --recursive or otherwise initializes submodules. This pattern places developer endpoints, build agents, and automated dependency-fetch pipelines at primary risk.
ATT&CK Mapping
No formal ATT&CK mappings exist in the source database. Based on the technical mechanism, the following techniques are analytically relevant:
- T1195.002 – Compromise Software Supply Chain: Malicious repository content delivered through trusted dependency channels.
- T1204.001 – User Execution: Malicious Link / T1204.002 – Malicious File: User-initiated clone of an attacker-controlled repository.
- T1059 – Command and Scripting Interpreter: Execution of attacker-controlled hooks or scripts written to unexpected filesystem locations.
- T1546 – Event Triggered Execution: Abuse of Git hooks (e.g., post-checkout) as a persistence and execution mechanism.
Threat Actor Context
No public threat actor attribution is available in the source data. Vulnerabilities of this class — silent code execution via repository cloning — are historically of high interest to actors targeting software developers, including state-aligned groups previously observed weaponizing developer tooling (e.g., supply-chain operations against npm, PyPI, and GitHub-hosted projects). The KEV listing indicates that at least one operationally capable actor has integrated this flaw into active campaigns.
Recommended Actions
- Patch immediately: Upgrade Git to v2.50.1, v2.49.1, v2.48.2, v2.47.3, v2.46.4, v2.45.4, v2.44.4, or v2.43.7 (or later). Update Xcode to the current Apple-released security version and apply Debian security updates for the git package.
- Audit CI/CD and build images: Inventory all container images, build runners, and developer VM templates for embedded Git versions; rebuild and redeploy after patching.
- Restrict recursive cloning of untrusted repositories: Until patches are universally deployed, avoid git clone --recursive and git submodule update against untrusted sources; consider disabling submodule auto-init in CI for external pull requests.
- Enable defensive Git configuration: Set protocol.file.allow=user and review core.hooksPath, core.fsmonitor, and similar configuration controls that have been exploited in adjacent Git CVEs.
- Detection: Monitor developer and build-agent endpoints for anomalous file writes outside repository working directories during clone operations, and for execution of binaries from unexpected paths under .git/.
- Compliance: U.S. federal agencies must remediate per BOD 22-01 timelines following the 2025-08-25 KEV listing; private organizations should align to equivalent SLAs.
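The following Python script is an added example, not code from the Git project or from this advisory. It implements two of the checks above: comparing the installed Git version against the fixed releases listed under Recommended Actions, and scanning a .gitmodules file for submodule values that carry a trailing carriage return or other control characters, which is the read/write round-trip condition described in the Overview. The .gitmodules contents and the example.invalid URLs are constructed; treating a uniformly CRLF file as ordinary Windows line endings, and treating Git series newer than 2.50 as patched, are assumptions made here rather than statements from the advisory.

```python
"""Added example (not Git's own code, nor from the advisory author): two defensive
checks for CVE-2025-48384.

  1. Compare the installed Git version against the fixed releases the advisory lists.
  2. Scan a .gitmodules file for values that carry a trailing carriage return or
     other control characters, the condition the advisory describes.
"""
import re
import subprocess

# Fixed releases named in the advisory, keyed by (major, minor) series.
FIXED_RELEASES = {
    (2, 43): (2, 43, 7), (2, 44): (2, 44, 4), (2, 45): (2, 45, 4),
    (2, 46): (2, 46, 4), (2, 47): (2, 47, 3), (2, 48): (2, 48, 2),
    (2, 49): (2, 49, 1), (2, 50): (2, 50, 1),
}


def parse_git_version(text):
    """Extract (major, minor, patch) from strings like 'git version 2.47.2'
    or 'git version 2.50.1.windows.1'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised git version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_patched(version):
    """True when the version is at or above the fixed release of its series.
    Assumption: a series newer than 2.50 shipped after the fix and is treated as
    patched; a series older than 2.43 has no fixed release and is treated as
    vulnerable."""
    series = version[:2]
    if series in FIXED_RELEASES:
        return version >= FIXED_RELEASES[series]
    return series > (2, 50)


# Any C0 control character or DEL; CR (0x0d) is the one this CVE turns on.
CONTROL_CHAR = re.compile(r"[\x00-\x1f\x7f]")
SECTION_RE = re.compile(r'^\s*\[submodule\s+"([^"]*)"\]')
KEYVAL_RE = re.compile(r"^\s*([A-Za-z][\w.-]*)\s*=\s*(.*)$")


def scan_gitmodules(text):
    """Return a list of (submodule, line number, key, repr(value)) for values
    that contain control characters.

    The text is split on '\\n' only: str.splitlines() would treat a lone '\\r'
    as a line boundary and hide exactly the byte being looked for. A file whose
    every non-empty line ends in CRLF is assumed to be a Windows-edited file
    (the case Git's reader strips the CR for), so that CR is removed before
    checking; a CR present on only some lines is reported."""
    lines = text.split("\n")
    nonempty = [l for l in lines if l]
    all_crlf = bool(nonempty) and all(l.endswith("\r") for l in nonempty)
    findings = []
    section = None
    for lineno, raw in enumerate(lines, start=1):
        line = raw[:-1] if all_crlf and raw.endswith("\r") else raw
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = KEYVAL_RE.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2)
        if CONTROL_CHAR.search(value):
            findings.append((section, lineno, key, repr(value)))
    return findings


# Constructed sample: one clean entry, one whose path carries a trailing CR.
SAMPLE_GITMODULES = (
    '[submodule "clean"]\n'
    '\tpath = lib/clean\n'
    '\turl = https://example.invalid/clean.git\n'
    '[submodule "suspicious"]\n'
    '\tpath = lib/suspicious\r\n'
    '\turl = https://example.invalid/suspicious.git\n'
)

# Constructed sample with uniform CRLF line endings: not reported.
CRLF_GITMODULES = (
    '[submodule "win"]\r\n'
    '\tpath = lib/win\r\n'
    '\turl = https://example.invalid/win.git\r\n'
)


def check_installed_git():
    """Run 'git --version'; return (version, patched) or None if Git is absent."""
    try:
        out = subprocess.run(["git", "--version"], capture_output=True,
                             text=True, check=True).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    version = parse_git_version(out)
    return version, is_patched(version)


if __name__ == "__main__":
    result = check_installed_git()
    if result is None:
        print("git not found on PATH")
    else:
        version, ok = result
        print("git %d.%d.%d: %s" % (*version, "patched" if ok else "VULNERABLE, upgrade"))
    for sub, lineno, key, value in scan_gitmodules(SAMPLE_GITMODULES):
        print(f"line {lineno}: submodule {sub!r} {key} = {value} contains control characters")
```

To use it against a real checkout, read the repository's .gitmodules with open(path, newline="") so that no line-ending translation happens before scan_gitmodules sees the bytes, and treat any reported entry as a reason to stop before running git clone --recursive or git submodule update on that repository. Note that the version check only covers the Git binary on PATH; the Xcode-bundled and container-image copies named under Affected Products need the same check run inside each environment.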