less through 653 allows OS command execution via a newline character in the name of a file because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable but this is set by default in many common cases.

🗓️ 22 Apr 2024 07:00:00Reported by MicrosoftType

Less through 653 enables OS command execution from newline in a file name due to quoting flaws.

Reporter	Title	Published	Views	Family All 204
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to less atarbitrary command execution vulnerability [CVE-2024-32487]	6 Aug 202421:28	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	27 May 202523:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	8 Aug 202417:29	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in less (CVE-2024-32487) affects Power HMC.	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway	15 Apr 202502:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	15 Apr 202502:53	–	ibm
Tenable Nessus	Amazon Linux 2023 : less (ALAS2023-2024-622)	28 May 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : less (ALAS-2024-2547)	31 May 202400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : less (ALAS-2025-1958)	5 Feb 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0168: less (ALINUX3-SA-2024:0168)	14 May 202500:00	–	nessus