A vulnerability has been found in Minecraft Server which leads to remote code execution.
Package | games-server/minecraft-server on all architectures |
---|---|
Affected versions | < 1.18.1 |
Unaffected versions | >= 1.18.1 |
Minecraft Server is the official server for the sandbox video game.
A vulnerability has been discovered in Minecraft Server. Please review the CVE identifier referenced below for details.
Vulnerable Minecraft Server versions include a bundled version of log4j which is vulnerable to remote code execution.
There is no known workaround at this time.
All Minecraft Server users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=games-server/minecraft-server-1.18.1"
Release date
December 20, 2023
Latest revision
December 20, 2023: 1
Severity
high
Exploitable
remote
Bugzilla entries