CVE-2017-14482
A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.
Find out more about CVE-2017-14482 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v3 metrics
| CVSS3 Base Score | 8.1 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity Impact | High |
| Availability Impact | High |
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 7 (emacs) | RHSA-2017:2771 | 2017-09-19 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | emacs | Will not fix |
| Red Hat Enterprise Linux 5 | emacs | Will not fix |
Mitigation
This issue can be mitigated by adding the following lines to the Emacs init file (for example ~/.emacs, ~/emacs.d/init.el, site-start.el) and avoiding options that would bypass normal initialization, like 'emacs -Q':
;; Mitigate CVE-2017-14482 in Emacs 25.2 and earlier
(require 'enriched)
(defun enriched-decode-display-prop (start end &optional param)
(list start end))