CVE-2023-2491 Information

Description

A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \org-babel-execute:latex\ function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=2192873 https://access.redhat.com/errata/RHSA-2023:2626 https://access.redhat.com/errata/RHSA-2023:3104 https://access.redhat.com/security/cve/CVE-2023-2491