{
  "threat_severity" : "Important",
  "public_date" : "2025-02-12T00:00:00Z",
  "bugzilla" : {
    "description" : "emacs: Shell Injection Vulnerability in GNU Emacs via Custom \"man\" URI Scheme",
    "id" : "2345150",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2345150"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-78",
  "details" : [ "A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.", "A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect." ],
  "statement" : "To exploit this flaw, an attacker needs to trick a user into visiting a specially crafted website, following an HTTP URL with a redirect, or, more generally, opening a URI that uses the custom man scheme. Because user action is required, the possibility of this issue being exploited is limited.",
  "acknowledgement" : "Red Hat would like to thank Vasilij Schneidermann (CODE WHITE) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:2130",
    "cpe" : "cpe:/o:redhat:rhel_els:7",
    "package" : "emacs-1:24.3-23.el7_9.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-02-27T00:00:00Z",
    "advisory" : "RHSA-2025:1917",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "emacs-1:26.1-13.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-02-27T00:00:00Z",
    "advisory" : "RHSA-2025:1917",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "emacs-1:26.1-13.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:2157",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.2",
    "package" : "emacs-1:26.1-5.el8_2.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1963",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.4",
    "package" : "emacs-1:26.1-5.el8_4.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1963",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.4",
    "package" : "emacs-1:26.1-5.el8_4.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1963",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.4",
    "package" : "emacs-1:26.1-5.el8_4.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1961",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.6",
    "package" : "emacs-1:26.1-7.el8_6.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1961",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.6",
    "package" : "emacs-1:26.1-7.el8_6.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1961",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.6",
    "package" : "emacs-1:26.1-7.el8_6.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1962",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.8",
    "package" : "emacs-1:26.1-10.el8_8.7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-02-27T00:00:00Z",
    "advisory" : "RHSA-2025:1915",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "emacs-1:27.2-11.el9_5.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:2022",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0",
    "package" : "emacs-1:27.2-6.el9_0.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2025-03-03T00:00:00Z",
    "advisory" : "RHSA-2025:1964",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "emacs-1:27.2-8.el9_2.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2025-03-04T00:00:00Z",
    "advisory" : "RHSA-2025:2195",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "emacs-1:27.2-10.el9_4.1"
  }, {
    "product_name" : "Builds for Red Hat OpenShift 1.3.2",
    "release_date" : "2025-03-13T00:00:00Z",
    "advisory" : "RHSA-2025:2754",
    "cpe" : "cpe:/a:redhat:openshift_builds:1.3::el9",
    "package" : "openshift-builds/openshift-builds-git-cloner-rhel9:sha256:02dfa9ff3833810645246f3af3ef89c2ea6794b61f3cdfe0929596ebf5bf042f"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "emacs",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "emacs",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-1244\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-1244" ],
  "name" : "CVE-2025-1244",
  "mitigation" : {
    "value" : "There is no existing or known mitigation for this issue that does not disable part of the Emacs core functionality. However, avoiding opening or viewing untrusted files, websites, HTTP URLs or other URI resources with Emacs reduces or prevents the risk of this attack being performed successfully.",
    "lang" : "en:us"
  },
  "csaw" : false
}