CVE-2021-21300 Overview
CVE-2021-21300 is a symlink attack vulnerability in Git, the widely-used open-source distributed revision control system. The vulnerability allows remote code execution when cloning a specially crafted malicious repository onto case-insensitive file systems such as NTFS (Windows), HFS+, or APFS (macOS). The attack leverages symbolic links combined with clean/smudge filters like Git LFS to execute arbitrary scripts during the clone operation.
This vulnerability is particularly dangerous because Git for Windows configures Git LFS by default, making Windows users automatically vulnerable without any additional configuration. The attack requires no authentication and can be triggered simply by cloning a malicious repository, making it highly exploitable in supply chain attack scenarios.
Critical Impact
Remote code execution during git clone operations on Windows and macOS systems, potentially compromising developer workstations and CI/CD pipelines through malicious repositories.
Affected Products
- Git-scm Git (versions 2.14.2 through 2.30.0)
- Apple Xcode (multiple versions)
- Apple macOS (multiple versions)
- Fedora (versions 32, 33, 34)
- Debian Linux 10.0
Discovery Timeline
- 2021-03-09 - CVE-2021-21300 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2021-21300
Vulnerability Analysis
The vulnerability exploits a race condition in how Git handles symbolic links during the checkout process on case-insensitive file systems. When Git clones a repository, it processes files in a specific order. An attacker can craft a repository where a symbolic link is checked out first, pointing to a directory that will be created later. Due to case-insensitivity, when Git subsequently creates the target directory, it follows the symlink, placing files in an unintended location.
The attack becomes especially dangerous when combined with Git LFS or other clean/smudge filters. These filters execute external programs to process file content during checkout. By exploiting the symlink traversal issue, an attacker can place a malicious script in the repository that gets executed by the filter mechanism.
Root Cause
The root cause is improper link resolution in Git's checkout code (CWE-59: Improper Link Resolution Before File Access). Git's lstat cache was not properly invalidated when directories were removed and replaced, allowing stale symlink information to persist. This caused Git to follow symbolic links in leading path components when it should have been creating new directories, enabling path traversal attacks on case-insensitive file systems.
Attack Vector
The attack requires a victim to clone a malicious repository onto a case-insensitive file system with Git LFS or similar clean/smudge filters configured. The attacker constructs a repository with:
- A symbolic link pointing to a target directory path
- Files using case variations that resolve to the same path on case-insensitive systems
- A hook script or executable that gets placed via the symlink traversal
- Attributes configuring clean/smudge filters to trigger script execution
The following patch from the official Git security fix demonstrates the cache invalidation added to prevent stale symlink information:
extern int threaded_has_symlink_leading_path(struct cache_def *, const char *, int);
extern int check_leading_path(const char *name, int len);
extern int has_dirs_only_path(const char *name, int len, int prefix_len);
+extern void invalidate_lstat_cache(void);
extern void schedule_dir_for_removal(const char *name, int len);
extern void remove_scheduled_dirs(void);
Source: Git Security Commit
The fix also ensures cache invalidation occurs when directories are removed:
ask_yes_no_if_possible("Deletion of directory '%s' failed. "
"Should I try again?", pathname))
ret = _wrmdir(wpathname);
+ if (!ret)
+ invalidate_lstat_cache();
return ret;
}
Source: Git Security Commit
Detection Methods for CVE-2021-21300
Indicators of Compromise
- Unexpected script execution during git clone operations
- Repository contents containing symbolic links combined with .gitattributes filter configurations
- Presence of case-variant file names designed to exploit case-insensitive file systems
- Suspicious Git LFS filter activity creating files outside the repository directory
Detection Strategies
- Monitor git clone operations for unexpected child process spawning, particularly shell scripts or executables
- Implement file integrity monitoring on developer workstations to detect unauthorized file creation during clone operations
- Analyze incoming repository contents for symbolic links pointing outside the repository structure before allowing clone operations
- Deploy endpoint detection to identify unusual Git process behavior patterns
Monitoring Recommendations
- Enable audit logging for all Git operations in CI/CD environments
- Monitor for repositories containing both symlinks and .gitattributes with filter configurations
- Implement network-level monitoring for clone operations from untrusted or unknown repository sources
- Use SentinelOne's behavioral AI to detect anomalous process execution chains originating from Git operations
How to Mitigate CVE-2021-21300
Immediate Actions Required
- Update Git to a patched version immediately: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, or 2.17.6
- Audit all systems running Git for Windows, as Git LFS is configured by default and makes systems automatically vulnerable
- Review and remove any Git LFS or clean/smudge filter configurations from global Git settings if not required
- Avoid cloning repositories from untrusted sources until patches are applied
Patch Information
Patches were released on March 9th, 2021. The fix versions address the vulnerability across multiple Git release branches. The security commit 684dd4c2b414bcf648505e74498a608f28de4592 introduces the invalidate_lstat_cache() function to properly clear cached symlink information when directories are removed. For detailed information, refer to the GitHub Security Advisory and the official Git commit.
Workarounds
- Disable symbolic link support globally using git config --global core.symlinks false to prevent the symlink-based attack vector
- Remove global clean/smudge filter configurations (including Git LFS) before cloning untrusted repositories
- Configure Git LFS only on a per-repository basis rather than globally to limit exposure
- Use containerized or sandboxed environments for cloning repositories from untrusted sources
# Disable symbolic links globally to mitigate the vulnerability
git config --global core.symlinks false
# Verify Git LFS is not configured globally
git lfs uninstall --system
git config --global --unset filter.lfs.clean
git config --global --unset filter.lfs.smudge
git config --global --unset filter.lfs.process
# Check current Git version
git --version
# Update Git on macOS via Homebrew
brew upgrade git
# Update Git on Windows (download from git-scm.com)
# Or use: git update-git-for-windows
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
