suse · CVE-2014-3422

Quick triage

Priority: medium Published: 2021-05-30 13:20:47 UTC Updated: 2026-04-18 18:39:53 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-3422 severity moderate: SUSE including 98 source package names (emacs, emacs-22.3-4.42.1, …), 268 product×package rows across 58 product lines (HPE Helion OpenStack 8, SUSE Linux Enterprise Desktop 11 SP3, … (58 product lines)): Fixed 181, Known Not Affected 87.

Description:

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

cvelogic Threat Intelligence