Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 24.04 LTS Emacs Moderately Unsafe Code Execution Flaw USN-8011-1

ubuntu
Calendar Grey February 4, 2026
Dist Ubuntu Esm H88
Multiple security issues were resolved in Emacs, affecting several Ubuntu distributions with potential arbitrary code execution risks.
Several security issues were fixed in Emacs.

Summary

Several security issues were fixed in Emacs.

Software Description:

- emacs: An extensible, customizable, free/libre text editor \u2014 and more.

Details:

It was discovered that Emacs could trigger unsafe Lisp macro expansion,

when a user invoked elisp-completion-at-point on untrusted Emacs Lisp

source code. An attacker could possibly use this issue to execute

arbitrary code. (CVE-2024-53920)

It was discovered that Emacs did not properly sanitize input when

handling certain URI schemes. An attacker could possibly use this issue

to execute arbitrary shell commands by tricking a user into opening a

specially crafted URL. (CVE-2025-1244)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  emacs                           1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-bin-common                1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-common                    1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-el                        1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-gtk                       1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-lucid                     1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-nox                       1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro
  emacs-pgtk                      1:29.3+1-1ubuntu2+esm3
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  emacs                           1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-bin-common                1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-common                    1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-el                        1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-gtk                       1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-lucid                     1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  emacs-nox                       1:27.1+1-3ubuntu5.2+esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  emacs                           1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-bin-common                1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-common                    1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-el                        1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-gtk                       1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-lucid                     1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro
  emacs-nox                       1:26.3+1-1ubuntu2+esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8011-1

CVE-2024-53920, CVE-2025-1244

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8011-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here