CVE-2014-3424

Published: 8 May 2014

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.

Priority

Status

Package	Release	Status
emacs-snapshot Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Does not exist
	quantal	Does not exist
	saucy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
emacs22 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Does not exist
	quantal	Does not exist
	saucy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
emacs23 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Ignored (end of life)
	quantal	Ignored (end of life)
	saucy	Ignored (end of life)
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	utopic	Ignored (end of life)
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
	Patches: upstream: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html
	This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu.
emacs24 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Released (24.3+1-4)
	xenial	Not vulnerable (24.5+1-6ubuntu1)
	zesty	Not vulnerable (24.5+1-8ubuntu2)
	Patches: upstream: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html
	This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu.
emacs25 Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Does not exist
	disco	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable
	xenial	Does not exist
	zesty	Not vulnerable
xemacs21 Launchpad, Ubuntu, Debian	artful	Not vulnerable (code-not-present)
	bionic	Not vulnerable (code-not-present)
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Not vulnerable (code-not-present)
	quantal	Not vulnerable (code-not-present)
	saucy	Not vulnerable (code-not-present)
	trusty	Does not exist (trusty was not-affected [code-not-present])
	upstream	Needs triage
	utopic	Not vulnerable (code-not-present)
	vivid	Not vulnerable (code-not-present)
	wily	Not vulnerable (code-not-present)
	xenial	Not vulnerable (code-not-present)
	yakkety	Not vulnerable (code-not-present)
	zesty	Not vulnerable (code-not-present)
xemacs21-packages Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Not vulnerable (code not present)
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Ignored (end of life)
	quantal	Ignored (end of life)
	saucy	Ignored (end of life)
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	utopic	Ignored (end of life)
	vivid	Ignored (end of life)
	wily	Ignored (end of life)
	xenial	Not vulnerable (code not present)
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747100

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›