Red Hat Security Advisory: git security update
Two security vulnerabilities affecting Git in Red Hat Enterprise Linux 9. 2 have been identified and addressed. The issues include arbitrary code execution (CVE-2025-48384) and arbitrary file writes (CVE-2025-48385). These vulnerabilities could allow an attacker to execute code or write files arbitrarily via Git. Red Hat has issued an important security advisory and released updated Git packages to remediate these issues. The advisory covers multiple architectures and variants of Red Hat Enterprise Linux 9. 2. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
Red Hat Product Security has published an advisory (RHSA-2025:11795) for two Git vulnerabilities: CVE-2025-48384 (arbitrary code execution) and CVE-2025-48385 (arbitrary file writes). Git, a distributed version control system, is affected in Red Hat Enterprise Linux 9.2 and related packages. The advisory provides updated Git packages that fix these vulnerabilities. The vulnerabilities are rated as having important security impact by Red Hat, with a high severity classification in the source data. No CVSS scores are provided in the advisory or CVE data. The advisory includes detailed package updates for multiple architectures and product variants. No exploits in the wild are currently known.
Potential Impact
Successful exploitation of CVE-2025-48384 could allow arbitrary code execution within the context of the user running Git, potentially leading to compromise of the system or user environment. CVE-2025-48385 could allow arbitrary file writes, which may be leveraged to modify or create files without authorization. Both vulnerabilities affect Git operations on affected Red Hat Enterprise Linux 9.2 systems. No evidence of active exploitation has been reported. The impact is considered high due to the nature of arbitrary code execution and file write capabilities.
Mitigation Recommendations
Red Hat has released updated Git packages for Red Hat Enterprise Linux 9.2 that address these vulnerabilities. Users and administrators should apply the security update as soon as possible by following the instructions in the Red Hat advisory RHSA-2025:11795 and the referenced article https://access.redhat.com/articles/11258. Applying the official update fully mitigates the vulnerabilities. There is no indication from the vendor advisory that additional mitigation steps are required beyond applying the update.
Red Hat Security Advisory: git security update
Description
Two security vulnerabilities affecting Git in Red Hat Enterprise Linux 9. 2 have been identified and addressed. The issues include arbitrary code execution (CVE-2025-48384) and arbitrary file writes (CVE-2025-48385). These vulnerabilities could allow an attacker to execute code or write files arbitrarily via Git. Red Hat has issued an important security advisory and released updated Git packages to remediate these issues. The advisory covers multiple architectures and variants of Red Hat Enterprise Linux 9. 2. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Red Hat Product Security has published an advisory (RHSA-2025:11795) for two Git vulnerabilities: CVE-2025-48384 (arbitrary code execution) and CVE-2025-48385 (arbitrary file writes). Git, a distributed version control system, is affected in Red Hat Enterprise Linux 9.2 and related packages. The advisory provides updated Git packages that fix these vulnerabilities. The vulnerabilities are rated as having important security impact by Red Hat, with a high severity classification in the source data. No CVSS scores are provided in the advisory or CVE data. The advisory includes detailed package updates for multiple architectures and product variants. No exploits in the wild are currently known.
Potential Impact
Successful exploitation of CVE-2025-48384 could allow arbitrary code execution within the context of the user running Git, potentially leading to compromise of the system or user environment. CVE-2025-48385 could allow arbitrary file writes, which may be leveraged to modify or create files without authorization. Both vulnerabilities affect Git operations on affected Red Hat Enterprise Linux 9.2 systems. No evidence of active exploitation has been reported. The impact is considered high due to the nature of arbitrary code execution and file write capabilities.
Mitigation Recommendations
Red Hat has released updated Git packages for Red Hat Enterprise Linux 9.2 that address these vulnerabilities. Users and administrators should apply the security update as soon as possible by following the instructions in the Red Hat advisory RHSA-2025:11795 and the referenced article https://access.redhat.com/articles/11258. Applying the official update fully mitigates the vulnerabilities. There is no indication from the vendor advisory that additional mitigation steps are required beyond applying the update.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:11795
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-48385"]
- Cvss Version
- null
Threat ID: 6a1f4e88e29bf47b5008255c
Added to database: 6/2/2026, 9:43:36 PM
Last enriched: 6/2/2026, 10:14:26 PM
Last updated: 6/3/2026, 5:07:40 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.