{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-2491", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-02T06:26:08.963Z", "dateReserved": "2023-05-03T00:00:00", "datePublished": "2023-05-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-05-17T00:00:00"}, "descriptions": [{"lang": "en", "value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."}], "affected": [{"vendor": "n/a", "product": "emacs", "versions": [{"version": "Affects emacs v26.1-9.el8 and emacs v27.2-8.el9, Fixed in emacs v26.1-10.el8_8.2 and emacs v27.2-8.el9_2.1", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-2491"}, {"url": "https://access.redhat.com/errata/RHSA-2023:3104"}, {"url": "https://access.redhat.com/errata/RHSA-2023:2626"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')", "cweId": "CWE-77"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:26:08.963Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-2491", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2023:3104", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2023:2626", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:emacs:26.1-9.el8:*:*:*:*:*:*:*", "matchCriteriaId": "0D22AA80-5195-415F-B400-E15FDA9DB01C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:emacs:27.2-8.el9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA40AF-31C9-43CA-B6F1-2B67222B9271", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."}], "id": "CVE-2023-2491", "lastModified": "2023-05-25T17:25:35.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-17T22:15:10.997", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2023:2626"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2023:3104"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-2491"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:3104", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "emacs-1:26.1-10.el8_8.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:3104", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "emacs-1:26.1-10.el8_8.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2626", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "emacs-1:27.2-8.el9_2.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "emacs: Regression of CVE-2023-28617 fixes in the Red Hat Enterprise Linux", "id": "2192873", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-77", "details": ["A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.", "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."], "name": "CVE-2023-2491", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "emacs", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "emacs", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-05-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-2491\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-2491"], "statement": "This issue only affects Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2, which introduced this regression via the following errata:\nhttps://access.redhat.com/errata/RHSA-2023:3042 (Red Hat Enterprise Linux 8.8)\nhttps://access.redhat.com/errata/RHSA-2023:2366 (Red Hat Enterprise Linux 9.2)\nThese errata provided updates for emacs package, but did not include fixes for CVE-2023-28617.\nA user who installs or updates to Red Hat Enterprise Linux 8.8 or Red Hat Enterprise Linux 9.2 would be vulnerable to the CVE-2023-28617, even if they were properly fixed in Red Hat Enterprise Linux 8.7 and in Red Hat Enterprise Linux 9.1. The CVE-2023-2491 was assigned to that Red Hat specific security regression and it is not applicable to any upstream emacs version or emacs packages of any other vendor that are not directly based on Red Hat Enterprise Linux packages.\nFor more details about the original security issue CVE-2023-28617, refer to the CVE page: https://access.redhat.com/security/cve/CVE-2023-28617.", "threat_severity": "Important", "upstream_fix": "emacs 26.1-10.el8_8.2, emacs 27.2-8.el9_2.1"}