Bug 2208943 (CVE-2023-32700) - CVE-2023-32700 texlive: arbitrary code execution allows document complied with older version
Summary: CVE-2023-32700 texlive: arbitrary code execution allows document complied wit...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-32700
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2209863 2209864 2209865 2209866 2209867 2209868 2209869 2209870 2209871 2209872 2209873
Blocks: 2203847
TreeView+ depends on / blocked
 
Reported: 2023-05-22 07:12 UTC by Dhananjay Arunesh
Modified: 2023-08-24 06:29 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
An arbitrary code execution vulnerability was found in LuaTeX (TeX Live) that allows any document compiled with older versions of LuaTeX to execute arbitrary shell commands, even with shell escape disabled.
Clone Of:
Environment:
Last Closed: 2023-06-19 20:07:49 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:3661 0 None None None 2023-06-19 09:21:02 UTC

Description Dhananjay Arunesh 2023-05-22 07:12:02 UTC
An arbitrary code execution vulnerability in LuaTeX (TeX Live) that allows any document compiled with older versions of LuaTeX to execute arbitrary shell commands, even with shell escape disabled. This affects LuaTeX versions 1.04-1.16.1, which were included in TeX Live 2017-2023. This issue was fixed in LuaTeX 1.17.0, which is included in recent updates to TeX Live 2023.

References:
https://tug.org/~mseven/luatex.html

Comment 1 Dhananjay Arunesh 2023-05-25 06:27:28 UTC
Created texlive tracking bugs for this issue:

Affects: fedora-all [bug 2209863]

Comment 3 errata-xmlrpc 2023-06-19 09:21:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service
  Red Hat Enterprise Linux 8.6 Extended Update Support
  Red Hat Enterprise Linux 8
  Red Hat Enterprise Linux 9.0 Extended Update Support
  Red Hat Enterprise Linux 9
  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:3661 https://access.redhat.com/errata/RHSA-2023:3661

Comment 4 Product Security DevOps Team 2023-06-19 20:07:47 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-32700


Note You need to log in before you can comment on or make changes to this bug.