Bug 1222049 (CVE-2024-30202)

Summary:	VUL-0: CVE-2024-30202: emacs: arbitrary Lisp code is evaluated as part of turning on Org mode
Product:	[Novell Products] SUSE Security Incidents	Reporter:	SMASH SMASH <smash_bz>
Component:	Incidents	Assignee:	Security Team bot <security-team>
Status:	NEW ---	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	andrea.mattiazzo, smash_bz, werner
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/398852/
Whiteboard:	CVSSv3.1:SUSE:CVE-2024-30202:7.8:(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Found By:	Security Response Team	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description SMASH SMASH 2024-03-27 10:28:40 UTC

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-30202
https://www.cve.org/CVERecord?id=CVE-2024-30202
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29

Patch:
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=2bc865ace050ff118db43f01457f95f95112b877
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d

Comment 1 Andrea Mattiazzo 2024-03-27 10:30:07 UTC

(In reply to SMASH SMASH from comment #0)
> In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on
> Org mode. This affects Org Mode before 9.6.23.
> 
> References:
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-30202
> https://www.cve.org/CVERecord?id=CVE-2024-30202
> https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29
> 
> Patch:
> https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-
> 29&id=2bc865ace050ff118db43f01457f95f95112b877
> https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/
> ?id=4255d5dcc0657915f90e4fba7e0a5514cced514d

Misstyped, patch for this CVE are:
- https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=befa9fcaae29a6c9a283ba371c3c5234c7f644eb
- https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=003ddacf1c8d869b1858181c29ea21b731a8d8d9

Comment 2 Dr. Werner Fink 2024-03-27 13:26:48 UTC

As Factory is fixed ... is this valid for SLE-15 or SLE-12

SLE-15-SP4/emacs-27.2> pkgtouch -p1 ../CVE-2024-30202.patch 
2 out of 2 hunks FAILED -- saving rejects to file lisp/org/org-macro.el.rej

Comment 5 Dr. Werner Fink 2024-03-27 14:34:05 UTC

(In reply to Andrea Mattiazzo from comment #4)
> (In reply to Andrea Mattiazzo from comment #3)
> > Looking through the code:
> > 
> > Tracking as affected:
> > - SUSE:ALP:Source:Standard:1.0/emacs

SR#324964