CVE-2023-5557

Published: Oct 13, 2023

Modified: Nov 20, 2025

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:2.1.5-2.el8_9.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	unaffected `0:2.1.5-2.el8_2.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	unaffected `0:2.1.5-2.el8_2.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	unaffected `0:2.1.5-2.el8_2.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	unaffected `0:2.1.5-2.el8_4.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	unaffected `0:2.1.5-2.el8_4.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	unaffected `0:2.1.5-2.el8_4.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	unaffected `0:2.1.5-2.el8_6.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	unaffected `0:2.1.5-2.el8_8.1 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:3.1.2-4.el9_3 - < *`
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	unaffected `0:3.1.2-2.el9_0 - < *`
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	unaffected `0:3.1.2-4.el9_2 - < *`
Red Hat	Red Hat Enterprise Linux 7	All versions