Stay Secure with the Latest Linux Advisories

security advisorymoderatecommand execution

Rocky Linux Emacs Moderate Command Execution Threat RLSA-2023-7083

Moderate: emacs security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:7083", "synopsis": "Moderate: emacs security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for emacs.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.\n\nSecurity Fix(es):\n\n* emacs: command execution via shell metacharacters (CVE-2022-48337)\n\n* emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2171987", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2171987", "description": ""}, {"ticket": "2171989", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2171989", "description": ""}], "cves": [{"name": "CVE-2022-48337", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48337", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.3", "cwe": "CWE-77"}, {"name": "CVE-2022-48339", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48339", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-77"}], "references": [], "publishedAt": "2026-06-25T12:00:44.845974Z", "rpms": {"RockyLinux 8": {"nvras": ["emacs-1:26.1-11.el8.aarch64.rpm", "emacs-1:26.1-11.el8.src.rpm", "emacs-1:26.1-11.el8.x86_64.rpm", "emacs-common-1:26.1-11.el8.aarch64.rpm", "emacs-common-1:26.1-11.el8.x86_64.rpm", "emacs-common-debuginfo-1:26.1-11.el8.aarch64.rpm", "emacs-debuginfo-1:26.1-11.el8.aarch64.rpm", "emacs-debugsource-1:26.1-11.el8.aarch64.rpm", "emacs-filesystem-1:26.1-11.el8.noarch.rpm", "emacs-lucid-1:26.1-11.el8.aarch64.rpm", "emacs-lucid-1:26.1-11.el8.x86_64.rpm", "emacs-lucid-debuginfo-1:26.1-11.el8.aarch64.rpm", "emacs-nox-1:26.1-11.el8.aarch64.rpm", "emacs-nox-1:26.1-11.el8.x86_64.rpm", "emacs-nox-debuginfo-1:26.1-11.el8.aarch64.rpm", "emacs-terminal-1:26.1-11.el8.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update for emacs on Rocky Linux addresses moderate issues including command execution and command injection vulnerabilities.. security updates emacs command injection Rocky Linux. . Severity: moderate. LinuxSecurity.com Team

Jun 25, 2026 •moderate Rocky Linux