Описание
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection.
Отчет
This vulnerability is only triggered when a local user runs Emacs with untrusted input. For this reason, this flaw has been rated with a Moderate security impact. Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. Secure baseline configurations were established during the initial design of the system architecture and security boundary. Static code testing (SAST, DAST) is conducted before entry into the environment. CI/CD configurations help to restrict the use of commands or scripts that could be exploited by command injection and are coupled with a two-person review for all manual code promotions. The attack surface is limited through least privilege and least functionality enforcement, ensuring only authorized personnel can carry out these tasks and that only essential services and ports are enabled. Input validation is performed for all services or features within the system boundary, reducing the risk of improper input handling or command injection. Additionally, malicious code protection and system monitoring work together to minimize potential impacts by detecting, blocking, and responding in the case of successful exploitation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | emacs | Out of support scope | ||
| Red Hat Enterprise Linux 7 | emacs | Affected | ||
| Red Hat Enterprise Linux 8 | emacs | Affected | ||
| Red Hat Enterprise Linux 9 | emacs | Fixed | RHSA-2023:2626 | 09.05.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.3 High
CVSS3
Связанные уязвимости
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, th ...
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
EPSS
7.3 High
CVSS3