CVE-2024-30204

CVSS v3.1

2.8

Low

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Emacs versions prior to 29.3

Description The issue is related to LaTeX preview being enabled by default for e-mail attachments in Emacs. This could potentially allow attackers to execute remote code. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Emacs versions prior to 29.3, upgrade to a patched version immediately to resolve the issue. As a temporary workaround, consider disabling LaTeX preview for e-mail attachments until a patch is available.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

AZL-37106

BDU:2025-16176

CVE-2024-30204

DLA-3801-1

DLA-3802-1

INFSA-2024_9302

MGASA-2024-0104

OESA-2024-1390

OPENSUSE-SU-2024_1294-1

RHSA-2024:9302

RHSA-2024_9302

RLSA-2024:9302

SUSE-SU-2024:1294-1

SUSE-SU-2024:1317-1

SUSE-SU-2024:2297-1

USN-7027-1

Affected Products

Astra Linux

Debian

Emacs

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2024-30204

Weakness Enumeration

Related Identifiers

Affected Products

References · 75