Description
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries are deferred and created after regular files using a single shared gix_worktree::Stack. Internally, this uses a gix_fs::Stack. gix_fs::Stack::make_relative_path_current() caches validated path prefixes: when the previously-processed leaf component exactly matches the leading component(s) of the next path, the leaf-to-directory transition at gix-fs/src/stack.rs invokes only delegate.push_directory(), never delegate.push(). In gix_worktree::stack::delegate::StackDelegate, when the state member is State::CreateDirectoryAndAttributesStack, Attributes::push_directory() only loads attributes (from the ODB, in the clone case), and does not perform any other checks. The on-disk symlink_metadata() check and unlink-on-collision live in StackDelegate::push()'s invocation of create_leading_directory(), which is therefore bypassed for the cached prefix. The final symlink is created with plain std::os::unix::fs::symlink, which follows symlinks in parent directories. Therefore, it's possible to provide a tree with duplicate symlink and directory entries that exploits this. This vulnerability is fixed in 0.21.1.
Published: 2026-05-13
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

gitoxide, an implementation of git in Rust, has a flaw that allows a malicious repository tree to be constructed so that when the repository is checked out, the tool creates attacker‑controlled symlinks in any directory the user can write to. The bug arises from symlink prefix reuse during the checkout phase, which bypasses the normal directory creation checks and accepts symlinks that traverse out of the intended worktree. This is a path‑confusion type vulnerability (CWE‑59) that can lead to overwriting files, enabling local elevation of privilege or execution of arbitrary code if the attacker can place a malicious binary where the user has write access.

Affected Systems

The vulnerability affects GitoxideLabs:gitoxide, specifically versions older than 0.21.1. Any system running a pre‑0.21.1 release of gitoxide and who has write permissions to the target directory during a checkout is at risk. Users who clone or fetch repositories from untrusted sources with these older versions could have the repository written outside the intended working directory.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, but the EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. The attack requires the attacker to supply a specially crafted repository and a user with write access to a target directory. The vulnerability is local; it cannot be exploited remotely over a network connection. However, once the user runs gitoxide on the malicious repository, arbitrary files can be written or replaced, potentially facilitating privilege escalation or code execution.

Generated by OpenCVE AI on May 13, 2026 at 22:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade gitoxide to version 0.21.1 or newer, which fixes the symlink prefix‑reuse flaw.
  • If an upgrade is not immediately possible, limit write permissions on the target checkout directory to prevent unauthorized overwrites.
  • Run gitoxide in a restricted environment (e.g., a container or read‑only filesystem) when handling untrusted repositories, and monitor for unexpected symlink creation during checkout.

Generated by OpenCVE AI on May 13, 2026 at 22:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-f89h-2fjh-2r9q gix-fs: Symlink prefix-reuse allows worktree escape during checkout
History

Thu, 28 May 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Gitoxidelabs gix-fs
CPEs cpe:2.3:a:gitoxidelabs:gix-fs:*:*:*:*:*:rust:*:*
Vendors & Products Gitoxidelabs gix-fs

Thu, 14 May 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Gitoxidelabs
Gitoxidelabs gitoxide
Vendors & Products Gitoxidelabs
Gitoxidelabs gitoxide

Thu, 14 May 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 21:45:00 +0000

Type Values Removed Values Added
Description gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries are deferred and created after regular files using a single shared gix_worktree::Stack. Internally, this uses a gix_fs::Stack. gix_fs::Stack::make_relative_path_current() caches validated path prefixes: when the previously-processed leaf component exactly matches the leading component(s) of the next path, the leaf-to-directory transition at gix-fs/src/stack.rs invokes only delegate.push_directory(), never delegate.push(). In gix_worktree::stack::delegate::StackDelegate, when the state member is State::CreateDirectoryAndAttributesStack, Attributes::push_directory() only loads attributes (from the ODB, in the clone case), and does not perform any other checks. The on-disk symlink_metadata() check and unlink-on-collision live in StackDelegate::push()'s invocation of create_leading_directory(), which is therefore bypassed for the cached prefix. The final symlink is created with plain std::os::unix::fs::symlink, which follows symlinks in parent directories. Therefore, it's possible to provide a tree with duplicate symlink and directory entries that exploits this. This vulnerability is fixed in 0.21.1.
Title gitoxide: Symlink prefix-reuse allows worktree escape during checkout
Weaknesses CWE-59
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Gitoxidelabs Gitoxide Gix-fs
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-14T12:59:51.324Z

Reserved: 2026-05-06T17:18:51.782Z

Link: CVE-2026-44471

cve-icon Vulnrichment

Updated: 2026-05-14T12:59:38.459Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-13T22:16:46.057

Modified: 2026-05-28T17:35:01.017

Link: CVE-2026-44471

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T14:33:08Z

Weaknesses