CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
OS Command Injection
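The weakness class described above, as an added C example that is not code from GNU Emacs or lib-src/etags.c: a file name pasted into a string for system() is parsed by the shell, while quoting it, or better passing it as a single argv entry with no shell, keeps it data. The sort command line, the function names and the sample file name are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Unsafe pattern: the name lands in a string that /bin/sh would parse.
   This function only builds the string; nothing here executes it. */
int build_cmd_unsafe(char *out, size_t n, const char *tagfile)
{
    return snprintf(out, n, "sort -u -o %s %s", tagfile, tagfile);
}

/* Mitigation 1: POSIX single-quote quoting ('...', with ' written as '\''). */
int shell_quote(const char *in, char *out, size_t n)
{
    size_t o = 0;
    if (n < 3) return -1;
    out[o++] = '\'';
    for (; *in; in++) {
        size_t need = (*in == '\'') ? 4 : 1;
        if (o + need + 2 > n) return -1;      /* keep room for closing ' and NUL */
        if (*in == '\'') { memcpy(out + o, "'\\''", 4); o += 4; }
        else out[o++] = *in;
    }
    out[o++] = '\'';
    out[o] = '\0';
    return 0;
}

/* Mitigation 2 (preferred): no shell at all; the name is one argv entry. */
int sort_tags_noshell(const char *tagfile)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execlp("sort", "sort", "-u", "-o", tagfile, "--", tagfile, (char *)NULL);
        _exit(127);                            /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    const char *name = "x; echo INJECTED";     /* constructed sample file name */
    char cmd[256], q[128];
    build_cmd_unsafe(cmd, sizeof cmd, name);
    printf("unsafe: %s\n", cmd);
    if (shell_quote(name, q, sizeof q) == 0) printf("quoted: sort -u -o %s %s\n", q, q);
    return 0;
}
```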
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
| --- | --- | --- | --- | --- | --- | --- |
| NIST | Primary | 7.8 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
EPSS Score
Percentile: 16%
Affected Products (NVD)
| Vendor | Product | Version |
| --- | --- | --- |
| gnu | emacs | 𝑥 ≤ 28.2 |
| debian | debian_linux | 10.0 |
| debian | debian_linux | 11.0 |

𝑥 = Vulnerable software versions
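Debian Releases

| Debian Product | Codename | Version | Status |
| --- | --- | --- | --- |
| emacs | bookworm | 1:28.2+1-15+deb12u3 | fixed |
| emacs | bookworm (security) | 1:28.2+1-15+deb12u3 | fixed |
| emacs | bullseye | 1:27.1+1-3.1+deb11u5 | no-dsa |
| emacs | bullseye (security) | 1:27.1+1-3.1+deb11u5 | fixed |
| emacs | buster | | no-dsa |
| emacs | sid | 1:29.4+1-3 | fixed |
| emacs | trixie | 1:29.4+1-3 | fixed |
| xemacs21 | bookworm | 21.4.24-11 | fixed |
| xemacs21 | bullseye | | no-dsa |
| xemacs21 | buster | | no-dsa |
| xemacs21 | sid | 21.4.24-12 | fixed |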
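Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
| --- | --- | --- | --- |
| emacs | bionic | | dne |
| emacs | focal | | needed |
| emacs | jammy | | needed |
| emacs | kinetic | | ignored |
| emacs | lunar | | not-affected |
| emacs | mantic | | not-affected |
| emacs | noble | | not-affected |
| emacs | trusty | | ignored |
| emacs | xenial | | ignored |
| emacs23 | bionic | | dne |
| emacs23 | focal | | dne |
| emacs23 | jammy | | dne |
| emacs23 | kinetic | | dne |
| emacs23 | trusty | | ignored |
| emacs23 | xenial | | dne |
| emacs24 | bionic | | dne |
| emacs24 | focal | | dne |
| emacs24 | jammy | | dne |
| emacs24 | kinetic | | dne |
| emacs24 | trusty | | ignored |
| emacs24 | xenial | Fixed 24.5+1-6ubuntu1.1+esm1 | released |
| emacs25 | bionic | | needed |
| emacs25 | focal | | dne |
| emacs25 | jammy | | dne |
| emacs25 | kinetic | | dne |
| emacs25 | trusty | | dne |
| emacs25 | xenial | | dne |
| xemacs21 | bionic | | needs-triage |
| xemacs21 | focal | | needs-triage |
| xemacs21 | jammy | | needs-triage |
| xemacs21 | kinetic | | ignored |
| xemacs21 | lunar | | ignored |
| xemacs21 | mantic | | ignored |
| xemacs21 | noble | | needs-triage |
| xemacs21 | trusty | | ignored |
| xemacs21 | xenial | | needs-triage |
| xemacs21-packages | bionic | | needs-triage |
| xemacs21-packages | focal | | needs-triage |
| xemacs21-packages | jammy | | needs-triage |
| xemacs21-packages | kinetic | | ignored |
| xemacs21-packages | lunar | | ignored |
| xemacs21-packages | mantic | | ignored |
| xemacs21-packages | noble | | needs-triage |
| xemacs21-packages | trusty | | ignored |
| xemacs21-packages | xenial | | needs-triage |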
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
| --- | --- | --- | --- |
| emacs | suse enterprise desktop 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise desktop 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise desktop 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise desktop 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise desktop 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| emacs | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise sap 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise sap 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise sap 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise sap 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise sap 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| emacs | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| emacs | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| emacs | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| emacs | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise server 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise server 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise server 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs | suse enterprise server 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise desktop 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise desktop 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise desktop 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise desktop 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise desktop 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-el | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise sap 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise sap 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise sap 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise sap 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise sap 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| emacs-el | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| emacs-el | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| emacs-el | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-el | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise server 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-el | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise server 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise server 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-el | suse enterprise server 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise desktop 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise desktop 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise desktop 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise desktop 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise desktop 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-info | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise sap 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise sap 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise sap 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise sap 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise sap 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| emacs-info | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| emacs-info | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| emacs-info | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-info | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise server 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-info | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise server 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise server 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-info | suse enterprise server 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise desktop 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise desktop 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise desktop 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise desktop 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise desktop 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-nox | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise sap 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| emacs-nox | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| emacs-nox | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| emacs-nox | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-nox | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise server 15 SP3 | 25.3-150000.3.12.1 | fixed |
| emacs-nox | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise server 15 SP5 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise server 15 SP6 | 27.2-150400.3.3.1 | fixed |
| emacs-nox | suse enterprise server 15 SP7 | 27.2-150400.3.3.1 | fixed |
| emacs-x11 | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-x11 | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| emacs-x11 | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| emacs-x11 | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| emacs-x11 | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| emacs-x11 | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| emacs-x11 | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise desktop 15 SP3 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise desktop 15 SP4 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise desktop 15 SP5 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise desktop 15 SP6 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise desktop 15 SP7 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise sap 12 SP5 | 24.3-25.9.1 | fixed |
| etags | suse enterprise sap 15 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise sap 15 SP1 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise sap 15 SP2 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise sap 15 SP3 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise sap 15 SP4 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise sap 15 SP5 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise sap 15 SP6 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise sap 15 SP7 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise server 12 SP2 | 24.3-25.9.1 | fixed |
| etags | suse enterprise server 12 SP3 | 24.3-25.9.1 | fixed |
| etags | suse enterprise server 12 SP4 | 24.3-25.9.1 | fixed |
| etags | suse enterprise server 12 SP5 | 24.3-25.9.1 | fixed |
| etags | suse enterprise server 15 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise server 15 SP1 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise server 15 SP2 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise server 15 SP3 | 25.3-150000.3.12.1 | fixed |
| etags | suse enterprise server 15 SP4 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise server 15 SP5 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise server 15 SP6 | 27.2-150400.3.3.1 | fixed |
| etags | suse enterprise server 15 SP7 | 27.2-150400.3.3.1 | fixed |
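Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
| --- | --- | --- | --- |
| emacs | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |
| emacs | RHEL 9 | 1:27.2-8.el9 | fixed |
| emacs-common | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs-common | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-common | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs-common | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-common | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-common | RHEL 9 | 1:27.2-8.el9 | fixed |
| emacs-filesystem | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs-filesystem | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-filesystem | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs-filesystem | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-filesystem | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-filesystem | RHEL 9 | 1:27.2-8.el9 | fixed |
| emacs-lucid | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs-lucid | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-lucid | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs-lucid | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-lucid | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-lucid | RHEL 9 | 1:27.2-8.el9 | fixed |
| emacs-nox | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs-nox | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-nox | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs-nox | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-nox | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-nox | RHEL 9 | 1:27.2-8.el9 | fixed |
| emacs-terminal | RHEL 8 | 1:26.1-9.el8 | fixed |
| emacs-terminal | RHEL 8.6 AUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-terminal | RHEL 8.6 E4S | 1:26.1-7.el8_6.3 | fixed |
| emacs-terminal | RHEL 8.6 EUS | 1:26.1-7.el8_6.3 | fixed |
| emacs-terminal | RHEL 8.6 TUS | 1:26.1-7.el8_6.3 | fixed |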