Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS2-2023-1981

Related Vulnerabilities: CVE-2022-48337   CVE-2022-48338   CVE-2022-48339  

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input. (CVE-2022-48337) An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed. (CVE-2022-48338) An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed. (CVE-2022-48339)

Source

ALAS2-2023-1981

Amazon Linux 2 Security Advisory: ALAS-2023-1981
Advisory Release Date: 2023-03-02 22:35 Pacific
Advisory Updated Date: 2023-03-07 00:20 Pacific
Severity: Important
Issue Overview:

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input. (CVE-2022-48337)

An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed. (CVE-2022-48338)

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed. (CVE-2022-48339)


Affected Packages:

emacs


Issue Correction:
Run yum update emacs to update your system.

New Packages:
aarch64:
    emacs-27.2-4.amzn2.0.3.aarch64
    emacs-lucid-27.2-4.amzn2.0.3.aarch64
    emacs-nox-27.2-4.amzn2.0.3.aarch64
    emacs-common-27.2-4.amzn2.0.3.aarch64
    emacs-devel-27.2-4.amzn2.0.3.aarch64
    emacs-debuginfo-27.2-4.amzn2.0.3.aarch64

i686:
    emacs-27.2-4.amzn2.0.3.i686
    emacs-lucid-27.2-4.amzn2.0.3.i686
    emacs-nox-27.2-4.amzn2.0.3.i686
    emacs-common-27.2-4.amzn2.0.3.i686
    emacs-devel-27.2-4.amzn2.0.3.i686
    emacs-debuginfo-27.2-4.amzn2.0.3.i686

noarch:
    emacs-terminal-27.2-4.amzn2.0.3.noarch
    emacs-filesystem-27.2-4.amzn2.0.3.noarch

src:
    emacs-27.2-4.amzn2.0.3.src

x86_64:
    emacs-27.2-4.amzn2.0.3.x86_64
    emacs-lucid-27.2-4.amzn2.0.3.x86_64
    emacs-nox-27.2-4.amzn2.0.3.x86_64
    emacs-common-27.2-4.amzn2.0.3.x86_64
    emacs-devel-27.2-4.amzn2.0.3.x86_64
    emacs-debuginfo-27.2-4.amzn2.0.3.x86_64

Additional References

Red Hat: CVE-2022-48337, CVE-2022-48338, CVE-2022-48339

Mitre: CVE-2022-48337, CVE-2022-48338, CVE-2022-48339

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started