Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 11 Sep 2017 20:58:57 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: GNU Emacs 25.2 enriched text remote code execution

Hi Paul,

On Sun, Sep 10, 2017 at 11:56:20PM -0700, Paul Eggert wrote:
> GNU Emacs is an extensible, customizable, free/libre text editor and
> software environment.  When Emacs renders MIME text/enriched data (Internet
> RFC 1896), it is vulnerable to arbitrary code execution. Since Emacs-based
> mail clients decode "Content-Type: text/enriched", this code is exploitable
> remotely. This bug affects GNU Emacs versions 19.29 through 25.2.
> 
> Although we know no efforts to exploit this in the wild, exploitation is easy.
[...]
> == Timeline ==
> 
> 2017-09-04. Bug reported to the Emacs bug tracker by Charles A. Roelli.
> 
> 2017-09-07. POC for remote code execution sent to the maintainers of Emacs
> and Gnus (Reiner Steib <Reiner.Steib@....de>, private mail).
> 
> 2017-09-08. Patch (by Lars Ingebrigtsen <larsi@...s.org>) to disable the
> problematic code and mitigation (private mail).
> 
> 2017-09-09. Patch committed in main development repository.

Have you requested a CVE for this issue?

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ