Critical SUSE Linux Distro Injection Vulnerability Allow Attackers Exploits “go-git” Library

A significant security vulnerability, designated CVE-2025-21613, has been discovered in the go-git library, used for Git version control in pure Go applications.

This issue affects all versions before 5.13.0 and is characterized by an argument injection vulnerability, enabling potential attackers to modify git-upload-pack flags when utilizing the file transport protocol.

This protocol is particularly vulnerable since it interacts with Git binaries, making it an attractive target for exploitation.

The vulnerability has been rated with important severity based on its exploitability and impact.

The affected Amazon SSM Agent has been updated to version 3.3.1611.0, which resolves the vulnerability. The update ensures secure handling of inputs, mitigating the risk of exploitation.

The CVSS scores indicate a high likelihood of exploitation with severe consequences for confidentiality, integrity, and availability.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Affected SUSE Products

The following table summarizes the SUSE products impacted by this vulnerability, along with recommendations for mitigation:

To safeguard systems, users are advised to upgrade to go-git version 5.13.0 or later to eliminate the vulnerability.

Several SUSE security advisories have been issued regarding this vulnerability:

The discovery of CVE-2025-21613 in the go-git library presents significant risks to a variety of SUSE products and applications.

Users should prioritize immediate updates to safeguard against potential exploitation.

Ongoing monitoring of security advisories and updates is crucial for maintaining system integrity and security in the face of evolving threats.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar