CVE-2024-5795

7.7 HIGH

📋 TL;DR

This CVE describes a Denial of Service vulnerability in GitHub Enterprise Server where an attacker can send a large payload to the Git server, causing unbounded resource exhaustion. This affects all organizations running GitHub Enterprise Server versions prior to 3.14, potentially rendering their Git services unavailable.

💻 Affected Systems

Products:
  • GitHub Enterprise Server
Versions: All versions prior to 3.14
Operating Systems: All supported OS for GitHub Enterprise Server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments of GitHub Enterprise Server in vulnerable versions regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage of GitHub Enterprise Server, preventing all Git operations and potentially affecting dependent CI/CD pipelines and development workflows.

🟠 Likely Case

Temporary service degradation or outage affecting Git operations until resources are restored or the attack stops.

🟢 If Mitigated

Minimal impact with proper rate limiting, network controls, and monitoring in place to detect and block malicious payloads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires sending a large payload to the Git server, which is relatively simple to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.13.1, 3.12.6, 3.11.12, 3.10.14, or 3.9.17

Vendor Advisory: https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.14

Restart Required: Yes

Instructions:

1. Back up your GitHub Enterprise Server instance.
2. Download the patched version from GitHub Enterprise downloads.
3. Follow the upgrade instructions for your specific version.
4. Restart the server after upgrade completion.

🔧 Temporary Workarounds

Implement network-level rate limiting (applies to: all)

Configure network devices or firewalls to limit the size of payloads sent to the Git server port.

Restrict Git server access (applies to: all)

Limit Git server access to trusted IP ranges only through firewall rules.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the GitHub Enterprise Server from untrusted networks
  • Deploy WAF or IPS solutions with payload size limiting rules for Git traffic

🔍 How to Verify

Check if Vulnerable:

Check your GitHub Enterprise Server version via the Management Console, or SSH into the appliance and run 'ghe-version'.

Check Version:

ssh admin@your-ghe-instance 'ghe-version'

Verify Fix Applied:

After patching, verify the version is at least the fixed release for your release line (3.13.1, 3.12.6, 3.11.12, 3.10.14 or 3.9.17) or is 3.14 or later; note that the comparison is per release line, so 3.10.13 is still vulnerable even though it is numerically above 3.9.17.
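The release-line-aware comparison behind that check, as an added example (not code from the advisory or from GitHub). It assumes that ghe-version prints a line containing the x.y.z version number; only that numeric token is relied on, and the fixed releases are the ones listed under Official Fix above. Sample inputs are constructed.

```python
import re

# Fixed releases per GHES release line, from the advisory's Official Fix section:
# 3.13.1, 3.12.6, 3.11.12, 3.10.14, 3.9.17. Release line 3.14 and later never carried the bug.
FIXED_PATCH = {
    (3, 9): 17,
    (3, 10): 14,
    (3, 11): 12,
    (3, 12): 6,
    (3, 13): 1,
}
FIRST_UNAFFECTED_LINE = (3, 14)

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract the first x.y.z version token from a string such as ghe-version output.

    The exact wording ghe-version prints is an assumption here; only the numeric
    x.y.z token is used.
    """
    match = VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def assess(version):
    """Return (vulnerable, reason) for a (major, minor, patch) tuple.

    A naive 'version >= 3.9.17' check is wrong: 3.10.13 is above 3.9.17 numerically
    but still below the fix for its own release line (3.10.14), so the patch level
    must be compared within the release line.
    """
    major, minor, patch = version
    line = (major, minor)
    if line >= FIRST_UNAFFECTED_LINE:
        return False, "release line 3.14 or later is not affected"
    fixed = FIXED_PATCH.get(line)
    if fixed is None:
        # Older lines (3.8 and earlier) are prior to 3.14 and have no fixed release listed.
        return True, f"release line {major}.{minor} has no fixed release; upgrade to a supported line"
    if patch >= fixed:
        return False, f"{major}.{minor}.{patch} includes the fix shipped in {major}.{minor}.{fixed}"
    return True, f"{major}.{minor}.{patch} is below the fixed release {major}.{minor}.{fixed}"


def check_ghe_version_output(text):
    """Parse ghe-version output and assess it in one step."""
    return assess(parse_version(text))


if __name__ == "__main__":
    # Constructed sample outputs; in practice feed in the result of
    #   ssh admin@your-ghe-instance 'ghe-version'
    for sample in [
        "GitHub Enterprise Server 3.10.13",
        "GitHub Enterprise Server 3.10.14",
        "GitHub Enterprise Server 3.13.0",
        "GitHub Enterprise Server 3.14.0",
        "GitHub Enterprise Server 3.8.9",
    ]:
        vulnerable, reason = check_ghe_version_output(sample)
        print(f"{sample}: {'VULNERABLE' if vulnerable else 'ok'} ({reason})")
```

Run it over the captured output of the ssh command from the Check Version step; a fleet-wide inventory can feed one line per appliance into check_ghe_version_output and report only the entries that come back vulnerable.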

📡 Detection & Monitoring

Log Indicators:

  • Unusually large Git payloads in server logs
  • Resource exhaustion alerts (CPU/memory spikes)
  • Failed Git operations due to server unavailability

Network Indicators:

  • Large payloads to Git server port (typically 9418 or 22)
  • Unusual traffic patterns to Git endpoints

SIEM Query:

source="github-enterprise" ("resource exhaustion" OR "large payload" OR "git server error")
