Untrusted Emacs Lisp Source Code Expansion can Lead to Arbitrary Code Execution
CVE-2024-53920

7.8HIGH

Key Information:

Vendor: GNU
Status: Emacs
Vendor: CVE Published:; 27 November 2024

Summary

A vulnerability exists in the elisp mode of GNU Emacs versions prior to 30.0.92 that allows untrusted Emacs Lisp source code to execute arbitrary code. This issue arises when users invoke the 'elisp-completion-at-point' function for code completion or enable on-the-fly diagnostics which may inadvertently byte-compile untrusted code, leading to unsafe Lisp macro expansions. It is crucial for users to exercise caution when dealing with untrusted code to mitigate potential security risks.

References

https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4

https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-...

https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-co...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 27, 2024