Wind River Support Network


LIN1021-3299 : Security Advisory - git - CVE-2022-24765

Created: Apr 12, 2022    Updated: Jun 27, 2022
Resolved Date: Jun 27, 2022
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


On multi-user machines, Git users might find themselves unexpectedly in  a Git worktree, e.g. when there is a scratch space (`/scratch/`) intended  for all users and another user created a repository in /scratch/.git`.
  Merely having a Git-aware prompt that runs `git status` (or `git diff`)  and navigating to a directory which is supposedly not a Git worktree, or  opening such a directory in an editor or IDE such as VS Code or Atom, will  potentially run commands defined by that other user via  `/scratch/.git/config`.

CREATE(Triage):(User=admin) CVE-2022-24765 (


Live chat