Fluid Attacks Database

Description

It was found that emacs applies the opened file read permissions to the swap file, overriding the process' umask. An attacker might search for vim swap files, that were not deleted properly, in order to retrieve sensible data.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package
rpm rhel9	emacs
rpm rhel7	emacs
rpm rhel6	emacs
rpm rhel5	emacs

Aliases

1. CVE-2017-10003832. NVD-2017-10003833. OSV-2017-1000383

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.