发布于3月6日3月6日 Members Amazon Linux 2023: CVE-2024-30202: Important priority package update for emacs Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 03/25/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23. A flaw was found in Emacs. Arbitrary Lisp code can be evaluated when an Org mode file is opened or when the Org mode is being enabled, resulting in arbitrary code execution. Solution(s) amazon-linux-2023-upgrade-emacs amazon-linux-2023-upgrade-emacs-common amazon-linux-2023-upgrade-emacs-common-debuginfo amazon-linux-2023-upgrade-emacs-debuginfo amazon-linux-2023-upgrade-emacs-debugsource amazon-linux-2023-upgrade-emacs-devel amazon-linux-2023-upgrade-emacs-filesystem amazon-linux-2023-upgrade-emacs-lucid amazon-linux-2023-upgrade-emacs-lucid-debuginfo amazon-linux-2023-upgrade-emacs-nox amazon-linux-2023-upgrade-emacs-nox-debuginfo amazon-linux-2023-upgrade-emacs-terminal References https://attackerkb.com/topics/cve-2024-30202 CVE - 2024-30202 https://alas.aws.amazon.com/AL2023/ALAS-2024-584.html
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。