CVE-2024-53920

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-53920
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html Third Party Advisory
https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-30.0.92 Product
https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4 Release Notes
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1 Product
https://news.ycombinator.com/item?id=42256409 Issue Tracking
https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/ Mailing List
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*
History

30 Apr 2025, 16:21

Type Values Removed Values Added
First Time Gnu emacs
Gnu
References () https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html - () https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html - Third Party Advisory
References () https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-30.0.92 - () https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-30.0.92 - Product
References () https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4 - () https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4 - Release Notes
References () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1 - () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1 - Product
References () https://news.ycombinator.com/item?id=42256409 - () https://news.ycombinator.com/item?id=42256409 - Issue Tracking
References () https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/ - () https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/ - Mailing List
CPE cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

13 Mar 2025, 20:15

Type Values Removed Values Added
CWE CWE-94
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8

04 Mar 2025, 22:15

Type Values Removed Values Added
CWE CWE-94
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : unknown

01 Mar 2025, 06:15

Type Values Removed Values Added
References
  • {'url': 'https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/', 'source': 'cve@mitre.org'}
  • () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1 -
  • () https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/ -
Summary (en) In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) (en) In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)
Information

Published : 2024-11-27 15:15

Updated : 2025-04-30 16:21

NVD link : CVE-2024-53920

Mitre link : CVE-2024-53920

CVE.ORG link : CVE-2024-53920

JSON object : View

Products Affected

gnu

  • emacs
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')