PT-2017-4251 · Luatex+10 · Luatex+10

Max Chernoff

Publicado

2017-03-01

Atualizado

2025-01-31

CVE-2023-32700

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LuaTeX versions prior to 1.17.0 TeX Live versions prior to 2023 r66984 MiKTeX versions prior to 23.5

Description The issue is related to the io.popen() function in the luatex-core.lua component, which lacks input validation. This allows an attacker to execute arbitrary shell commands when a TeX file from an untrusted source is compiled. The vulnerability can be exploited by accessing the original io.popen through luatex-core.lua.

Recommendations For LuaTeX versions prior to 1.17.0, update to version 1.17.0 or later to resolve the issue. For TeX Live versions prior to 2023 r66984, update to version 2023 r66984 or later to resolve the issue. For MiKTeX versions prior to 23.5, update to version 23.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the io.popen() function in luatex-core.lua to minimize the risk of exploitation.

Correção

Command Injection

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77CWE-78

Identificadores relacionados

ALSA-2023:3661

BDU:2023-03875

CESA-2023_3661

CVE-2023-32700

DLA-3427-1

DLA-3427-2

DLA-3946-1

DSA-5406-1

INFSA-2023_3661

MGASA-2023-0233

OESA-2023-1421

OPENSUSE-SU-2023_2284-2

OPENSUSE-SU-2024:12936-1

RHSA-2023:3661

RHSA-2023_3661

RLSA-2023:3661

SUSE-SU-2023:2284-1

SUSE-SU-2023:2284-2

SUSE-SU-2023:2285-1

SUSE-SU-2023:2287-1

SUSE-SU-2023_2284-1

SUSE-SU-2023_2285-1

USN-6115-1

Produtos afetados

Almalinux

Astra Linux

Centos

Linuxmint

Luatex

Miktex

Red Hat

Rocky Linux

Suse

Tex Live

Ubuntu

PT-2017-4251 · Luatex+10 · Luatex+10

CVE-2023-32700

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 64