Rapid7 Vulnerability & Exploit Database

Rocky Linux: CVE-2023-32700: texlive (RLSA-2023-3661)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Rocky Linux: CVE-2023-32700: texlive (RLSA-2023-3661)

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/20/2023

Created

03/07/2024

Added

04/19/2024

Modified

04/19/2024

Description

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.

Solution(s)

rocky-upgrade-texlive
rocky-upgrade-texlive-adjustbox
rocky-upgrade-texlive-ae
rocky-upgrade-texlive-algorithms
rocky-upgrade-texlive-alphalph
rocky-upgrade-texlive-amscls
rocky-upgrade-texlive-amsfonts
rocky-upgrade-texlive-amsmath
rocky-upgrade-texlive-anyfontsize
rocky-upgrade-texlive-anysize
rocky-upgrade-texlive-appendix
rocky-upgrade-texlive-arabxetex
rocky-upgrade-texlive-arphic
rocky-upgrade-texlive-atbegshi
rocky-upgrade-texlive-attachfile
rocky-upgrade-texlive-attachfile2
rocky-upgrade-texlive-atveryend
rocky-upgrade-texlive-auxhook
rocky-upgrade-texlive-avantgar
rocky-upgrade-texlive-awesomebox
rocky-upgrade-texlive-babel
rocky-upgrade-texlive-babel-english
rocky-upgrade-texlive-babelbib
rocky-upgrade-texlive-base
rocky-upgrade-texlive-beamer
rocky-upgrade-texlive-bera
rocky-upgrade-texlive-beton
rocky-upgrade-texlive-bibtex
rocky-upgrade-texlive-bibtex-debuginfo
rocky-upgrade-texlive-bibtopic
rocky-upgrade-texlive-bidi
rocky-upgrade-texlive-bigfoot
rocky-upgrade-texlive-bigintcalc
rocky-upgrade-texlive-bitset
rocky-upgrade-texlive-bookman
rocky-upgrade-texlive-bookmark
rocky-upgrade-texlive-booktabs
rocky-upgrade-texlive-breakurl
rocky-upgrade-texlive-breqn
rocky-upgrade-texlive-capt-of
rocky-upgrade-texlive-caption
rocky-upgrade-texlive-carlisle
rocky-upgrade-texlive-catchfile
rocky-upgrade-texlive-changebar
rocky-upgrade-texlive-changepage
rocky-upgrade-texlive-charter
rocky-upgrade-texlive-chngcntr
rocky-upgrade-texlive-cite
rocky-upgrade-texlive-cjk
rocky-upgrade-texlive-classpack
rocky-upgrade-texlive-cm
rocky-upgrade-texlive-cm-lgc
rocky-upgrade-texlive-cm-super
rocky-upgrade-texlive-cmap
rocky-upgrade-texlive-cmextra
rocky-upgrade-texlive-cns
rocky-upgrade-texlive-collectbox
rocky-upgrade-texlive-collection-basic
rocky-upgrade-texlive-collection-fontsrecommended
rocky-upgrade-texlive-collection-htmlxml
rocky-upgrade-texlive-collection-latex
rocky-upgrade-texlive-collection-latexrecommended
rocky-upgrade-texlive-collection-xetex
rocky-upgrade-texlive-colorprofiles
rocky-upgrade-texlive-colortbl
rocky-upgrade-texlive-context
rocky-upgrade-texlive-courier
rocky-upgrade-texlive-crop
rocky-upgrade-texlive-csquotes
rocky-upgrade-texlive-ctable
rocky-upgrade-texlive-ctablestack
rocky-upgrade-texlive-currfile
rocky-upgrade-texlive-datetime
rocky-upgrade-texlive-debuginfo
rocky-upgrade-texlive-debugsource
rocky-upgrade-texlive-dehyph
rocky-upgrade-texlive-dvipdfmx
rocky-upgrade-texlive-dvipng
rocky-upgrade-texlive-dvipng-debuginfo
rocky-upgrade-texlive-dvips
rocky-upgrade-texlive-dvips-debuginfo
rocky-upgrade-texlive-dvisvgm
rocky-upgrade-texlive-dvisvgm-debuginfo
rocky-upgrade-texlive-ec
rocky-upgrade-texlive-eepic
rocky-upgrade-texlive-enctex
rocky-upgrade-texlive-enumitem
rocky-upgrade-texlive-environ
rocky-upgrade-texlive-epsf
rocky-upgrade-texlive-epstopdf
rocky-upgrade-texlive-epstopdf-pkg
rocky-upgrade-texlive-eqparbox
rocky-upgrade-texlive-eso-pic
rocky-upgrade-texlive-etex
rocky-upgrade-texlive-etex-pkg
rocky-upgrade-texlive-etexcmds
rocky-upgrade-texlive-etoc
rocky-upgrade-texlive-etoolbox
rocky-upgrade-texlive-euenc
rocky-upgrade-texlive-euler
rocky-upgrade-texlive-euro
rocky-upgrade-texlive-eurosym
rocky-upgrade-texlive-extsizes
rocky-upgrade-texlive-fancybox
rocky-upgrade-texlive-fancyhdr
rocky-upgrade-texlive-fancyref
rocky-upgrade-texlive-fancyvrb
rocky-upgrade-texlive-filecontents
rocky-upgrade-texlive-filehook
rocky-upgrade-texlive-finstrut
rocky-upgrade-texlive-fix2col
rocky-upgrade-texlive-fixlatvian
rocky-upgrade-texlive-float
rocky-upgrade-texlive-fmtcount
rocky-upgrade-texlive-fncychap
rocky-upgrade-texlive-fontawesome
rocky-upgrade-texlive-fontbook
rocky-upgrade-texlive-fonts-tlwg
rocky-upgrade-texlive-fontspec
rocky-upgrade-texlive-fontware
rocky-upgrade-texlive-fontware-debuginfo
rocky-upgrade-texlive-fontwrap
rocky-upgrade-texlive-footmisc
rocky-upgrade-texlive-footnotehyper
rocky-upgrade-texlive-fp
rocky-upgrade-texlive-fpl
rocky-upgrade-texlive-framed
rocky-upgrade-texlive-garuda-c90
rocky-upgrade-texlive-geometry
rocky-upgrade-texlive-gettitlestring
rocky-upgrade-texlive-glyphlist
rocky-upgrade-texlive-gnu-freefont
rocky-upgrade-texlive-graphics
rocky-upgrade-texlive-graphics-cfg
rocky-upgrade-texlive-graphics-def
rocky-upgrade-texlive-grfext
rocky-upgrade-texlive-grffile
rocky-upgrade-texlive-gsftopk
rocky-upgrade-texlive-gsftopk-debuginfo
rocky-upgrade-texlive-hanging
rocky-upgrade-texlive-helvetic
rocky-upgrade-texlive-hobsub
rocky-upgrade-texlive-hologo
rocky-upgrade-texlive-hycolor
rocky-upgrade-texlive-hyperref
rocky-upgrade-texlive-hyph-utf8
rocky-upgrade-texlive-hyphen-base
rocky-upgrade-texlive-hyphenat
rocky-upgrade-texlive-hyphenex
rocky-upgrade-texlive-ifetex
rocky-upgrade-texlive-ifluatex
rocky-upgrade-texlive-ifmtarg
rocky-upgrade-texlive-ifoddpage
rocky-upgrade-texlive-ifplatform
rocky-upgrade-texlive-iftex
rocky-upgrade-texlive-ifxetex
rocky-upgrade-texlive-import
rocky-upgrade-texlive-index
rocky-upgrade-texlive-infwarerr
rocky-upgrade-texlive-intcalc
rocky-upgrade-texlive-jadetex
rocky-upgrade-texlive-jknapltx
rocky-upgrade-texlive-kastrup
rocky-upgrade-texlive-kerkis
rocky-upgrade-texlive-knuth-lib
rocky-upgrade-texlive-knuth-local
rocky-upgrade-texlive-koma-script
rocky-upgrade-texlive-kpathsea
rocky-upgrade-texlive-kpathsea-debuginfo
rocky-upgrade-texlive-kvdefinekeys
rocky-upgrade-texlive-kvoptions
rocky-upgrade-texlive-kvsetkeys
rocky-upgrade-texlive-l3backend
rocky-upgrade-texlive-l3experimental
rocky-upgrade-texlive-l3kernel
rocky-upgrade-texlive-l3packages
rocky-upgrade-texlive-lastpage
rocky-upgrade-texlive-latex
rocky-upgrade-texlive-latex-fonts
rocky-upgrade-texlive-latex2man
rocky-upgrade-texlive-latexbug
rocky-upgrade-texlive-latexconfig
rocky-upgrade-texlive-letltxmacro
rocky-upgrade-texlive-lettrine
rocky-upgrade-texlive-lib
rocky-upgrade-texlive-lib-debuginfo
rocky-upgrade-texlive-lib-devel
rocky-upgrade-texlive-linegoal
rocky-upgrade-texlive-lineno
rocky-upgrade-texlive-listings
rocky-upgrade-texlive-listofitems
rocky-upgrade-texlive-lm
rocky-upgrade-texlive-lm-math
rocky-upgrade-texlive-ltabptch
rocky-upgrade-texlive-ltxcmds
rocky-upgrade-texlive-ltxmisc
rocky-upgrade-texlive-lua-alt-getopt
rocky-upgrade-texlive-luahbtex
rocky-upgrade-texlive-luahbtex-debuginfo
rocky-upgrade-texlive-lualatex-math
rocky-upgrade-texlive-lualibs
rocky-upgrade-texlive-luaotfload
rocky-upgrade-texlive-luatex
rocky-upgrade-texlive-luatex-debuginfo
rocky-upgrade-texlive-luatex85
rocky-upgrade-texlive-luatexbase
rocky-upgrade-texlive-lwarp
rocky-upgrade-texlive-makecmds
rocky-upgrade-texlive-makeindex
rocky-upgrade-texlive-makeindex-debuginfo
rocky-upgrade-texlive-manfnt-font
rocky-upgrade-texlive-marginnote
rocky-upgrade-texlive-marvosym
rocky-upgrade-texlive-mathpazo
rocky-upgrade-texlive-mathspec
rocky-upgrade-texlive-mathtools
rocky-upgrade-texlive-mdwtools
rocky-upgrade-texlive-memoir
rocky-upgrade-texlive-metafont
rocky-upgrade-texlive-metafont-debuginfo
rocky-upgrade-texlive-metalogo
rocky-upgrade-texlive-metapost
rocky-upgrade-texlive-metapost-debuginfo
rocky-upgrade-texlive-mflogo
rocky-upgrade-texlive-mflogo-font
rocky-upgrade-texlive-mfnfss
rocky-upgrade-texlive-mfware
rocky-upgrade-texlive-mfware-debuginfo
rocky-upgrade-texlive-microtype
rocky-upgrade-texlive-minitoc
rocky-upgrade-texlive-mnsymbol
rocky-upgrade-texlive-modes
rocky-upgrade-texlive-mparhack
rocky-upgrade-texlive-mptopdf
rocky-upgrade-texlive-ms
rocky-upgrade-texlive-multido
rocky-upgrade-texlive-multirow
rocky-upgrade-texlive-natbib
rocky-upgrade-texlive-ncctools
rocky-upgrade-texlive-ncntrsbk
rocky-upgrade-texlive-needspace
rocky-upgrade-texlive-newfloat
rocky-upgrade-texlive-newunicodechar
rocky-upgrade-texlive-norasi-c90
rocky-upgrade-texlive-notoccite
rocky-upgrade-texlive-ntgclass
rocky-upgrade-texlive-oberdiek
rocky-upgrade-texlive-obsolete
rocky-upgrade-texlive-overpic
rocky-upgrade-texlive-palatino
rocky-upgrade-texlive-paralist
rocky-upgrade-texlive-parallel
rocky-upgrade-texlive-parskip
rocky-upgrade-texlive-passivetex
rocky-upgrade-texlive-pdfcolmk
rocky-upgrade-texlive-pdfescape
rocky-upgrade-texlive-pdflscape
rocky-upgrade-texlive-pdfpages
rocky-upgrade-texlive-pdftex
rocky-upgrade-texlive-pdftex-debuginfo
rocky-upgrade-texlive-pdftexcmds
rocky-upgrade-texlive-pgf
rocky-upgrade-texlive-philokalia
rocky-upgrade-texlive-placeins
rocky-upgrade-texlive-plain
rocky-upgrade-texlive-polyglossia
rocky-upgrade-texlive-powerdot
rocky-upgrade-texlive-preprint
rocky-upgrade-texlive-psfrag
rocky-upgrade-texlive-pslatex
rocky-upgrade-texlive-psnfss
rocky-upgrade-texlive-pspicture
rocky-upgrade-texlive-pst-3d
rocky-upgrade-texlive-pst-arrow
rocky-upgrade-texlive-pst-blur
rocky-upgrade-texlive-pst-coil
rocky-upgrade-texlive-pst-eps
rocky-upgrade-texlive-pst-fill
rocky-upgrade-texlive-pst-grad
rocky-upgrade-texlive-pst-math
rocky-upgrade-texlive-pst-node
rocky-upgrade-texlive-pst-plot
rocky-upgrade-texlive-pst-slpe
rocky-upgrade-texlive-pst-text
rocky-upgrade-texlive-pst-tools
rocky-upgrade-texlive-pst-tree
rocky-upgrade-texlive-pstricks
rocky-upgrade-texlive-pstricks-add
rocky-upgrade-texlive-ptext
rocky-upgrade-texlive-pxfonts
rocky-upgrade-texlive-qstest
rocky-upgrade-texlive-ragged2e
rocky-upgrade-texlive-rcs
rocky-upgrade-texlive-realscripts
rocky-upgrade-texlive-refcount
rocky-upgrade-texlive-rerunfilecheck
rocky-upgrade-texlive-rsfs
rocky-upgrade-texlive-sansmath
rocky-upgrade-texlive-sansmathaccent
rocky-upgrade-texlive-sauerj
rocky-upgrade-texlive-scheme-basic
rocky-upgrade-texlive-section
rocky-upgrade-texlive-sectsty
rocky-upgrade-texlive-seminar
rocky-upgrade-texlive-sepnum
rocky-upgrade-texlive-setspace
rocky-upgrade-texlive-showexpl
rocky-upgrade-texlive-soul
rocky-upgrade-texlive-stackengine
rocky-upgrade-texlive-stmaryrd
rocky-upgrade-texlive-stringenc
rocky-upgrade-texlive-subfig
rocky-upgrade-texlive-subfigure
rocky-upgrade-texlive-svn-prov
rocky-upgrade-texlive-symbol
rocky-upgrade-texlive-t2
rocky-upgrade-texlive-tabu
rocky-upgrade-texlive-tabulary
rocky-upgrade-texlive-tetex
rocky-upgrade-texlive-tex
rocky-upgrade-texlive-tex-debuginfo
rocky-upgrade-texlive-tex-gyre
rocky-upgrade-texlive-tex-gyre-math
rocky-upgrade-texlive-tex-ini-files
rocky-upgrade-texlive-tex4ht
rocky-upgrade-texlive-tex4ht-debuginfo
rocky-upgrade-texlive-texconfig
rocky-upgrade-texlive-texlive-common-doc
rocky-upgrade-texlive-texlive-docindex
rocky-upgrade-texlive-texlive-en
rocky-upgrade-texlive-texlive-msg-translations
rocky-upgrade-texlive-texlive-scripts
rocky-upgrade-texlive-texlive-scripts-extra
rocky-upgrade-texlive-texlive.infra
rocky-upgrade-texlive-textcase
rocky-upgrade-texlive-textpos
rocky-upgrade-texlive-threeparttable
rocky-upgrade-texlive-thumbpdf
rocky-upgrade-texlive-times
rocky-upgrade-texlive-tipa
rocky-upgrade-texlive-titlesec
rocky-upgrade-texlive-titling
rocky-upgrade-texlive-tocloft
rocky-upgrade-texlive-tools
rocky-upgrade-texlive-translator
rocky-upgrade-texlive-trimspaces
rocky-upgrade-texlive-txfonts
rocky-upgrade-texlive-type1cm
rocky-upgrade-texlive-typehtml
rocky-upgrade-texlive-ucharcat
rocky-upgrade-texlive-ucharclasses
rocky-upgrade-texlive-ucs
rocky-upgrade-texlive-uhc
rocky-upgrade-texlive-ulem
rocky-upgrade-texlive-underscore
rocky-upgrade-texlive-unicode-data
rocky-upgrade-texlive-unicode-math
rocky-upgrade-texlive-uniquecounter
rocky-upgrade-texlive-unisugar
rocky-upgrade-texlive-updmap-map
rocky-upgrade-texlive-upquote
rocky-upgrade-texlive-url
rocky-upgrade-texlive-utopia
rocky-upgrade-texlive-varwidth
rocky-upgrade-texlive-wadalab
rocky-upgrade-texlive-was
rocky-upgrade-texlive-wasy
rocky-upgrade-texlive-wasy-type1
rocky-upgrade-texlive-wasy2-ps
rocky-upgrade-texlive-wasysym
rocky-upgrade-texlive-wrapfig
rocky-upgrade-texlive-xcolor
rocky-upgrade-texlive-xdvi
rocky-upgrade-texlive-xdvi-debuginfo
rocky-upgrade-texlive-xecjk
rocky-upgrade-texlive-xecolor
rocky-upgrade-texlive-xecyr
rocky-upgrade-texlive-xeindex
rocky-upgrade-texlive-xepersian
rocky-upgrade-texlive-xesearch
rocky-upgrade-texlive-xetex
rocky-upgrade-texlive-xetex-debuginfo
rocky-upgrade-texlive-xetex-itrans
rocky-upgrade-texlive-xetex-pstricks
rocky-upgrade-texlive-xetex-tibetan
rocky-upgrade-texlive-xetexconfig
rocky-upgrade-texlive-xetexfontinfo
rocky-upgrade-texlive-xifthen
rocky-upgrade-texlive-xkeyval
rocky-upgrade-texlive-xltxtra
rocky-upgrade-texlive-xmltex
rocky-upgrade-texlive-xmltexconfig
rocky-upgrade-texlive-xstring
rocky-upgrade-texlive-xtab
rocky-upgrade-texlive-xunicode
rocky-upgrade-texlive-zapfchan
rocky-upgrade-texlive-zapfding
rocky-upgrade-texlive-zref

References

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Rocky Linux: CVE-2023-32700: texlive (RLSA-2023-3661)

Rocky Linux: CVE-2023-32700: texlive (RLSA-2023-3661)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.