CVE-2022-20001 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-20001 Interim 1 14 2023-09-06T23:33:05Z current 2022-03-16T02:46:33Z 2023-09-06T23:33:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-20001 fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory into one controlled by the attacker, such as on a shared file system or extracted archive, fish will run arbitrary commands under the attacker's control. This problem has been fixed in fish 3.4.0. Note that running git in these directories, including using the git tab completion, remains a potential trigger for this issue. As a workaround, remove the `fish_git_prompt` function from the prompt. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SRNZU5M6WR5TPTNDAIMOYXCJP2ONI4FB/ E-Mail link for openSUSE-SU-2022:0096-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Package Hub 15 SP3 openSUSE Leap 15.3 openSUSE Tumbleweed fish fish-3.4.0-1.1 fish-devel fish-devel-3.4.0-1.1 fish3-3.3.1-bp153.2.10.1 fish3-devel-3.3.1-bp153.2.10.1 fish3-3.3.1-bp153.2.10.1 as a component of SUSE Package Hub 15 SP3 fish3-devel-3.3.1-bp153.2.10.1 as a component of SUSE Package Hub 15 SP3 fish3-3.3.1-bp153.2.10.1 as a component of openSUSE Leap 15.3 fish3-devel-3.3.1-bp153.2.10.1 as a component of openSUSE Leap 15.3 fish-3.4.0-1.1 as a component of openSUSE Tumbleweed fish-devel-3.4.0-1.1 as a component of openSUSE Tumbleweed fish as a component of SUSE Linux Enterprise Module for Containers 15 SP3 fish-devel as a component of SUSE Linux Enterprise Module for Containers 15 SP3 fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory into one controlled by the attacker, such as on a shared file system or extracted archive, fish will run arbitrary commands under the attacker's control. This problem has been fixed in fish 3.4.0. Note that running git in these directories, including using the git tab completion, remains a potential trigger for this issue. As a workaround, remove the `fish_git_prompt` function from the prompt. CVE-2022-20001 SUSE Package Hub 15 SP3:fish3-3.3.1-bp153.2.10.1 SUSE Package Hub 15 SP3:fish3-devel-3.3.1-bp153.2.10.1 openSUSE Leap 15.3:fish3-3.3.1-bp153.2.10.1 openSUSE Leap 15.3:fish3-devel-3.3.1-bp153.2.10.1 openSUSE Tumbleweed:fish-3.4.0-1.1 openSUSE Tumbleweed:fish-devel-3.4.0-1.1 SUSE Linux Enterprise Module for Containers 15 SP3:fish SUSE Linux Enterprise Module for Containers 15 SP3:fish-devel important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H