Bug 1737427 (CVE-2019-9848)
| Summary: | CVE-2019-9848 libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | apmukher, caolanm, dtardon, erack, sbergman |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | libreoffice 6.2.5 | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2020-03-31 22:35:20 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1737428, 1743962 | | |
| Bug Blocks: | 1737430 | | |
Description (Marian Rehak, 2019-08-05 11:05:47 UTC)
Created libreoffice tracking bugs for this issue:

Affects: fedora-all [bug 1737428]

Analysis:

Basically a flaw in librelogo, which is a "programmable turtle vector graphics script" shipped with libreoffice. Document events like mouse click etc. can be used to trigger user-inserted librelogo scripts. A malicious document could be constructed which would execute arbitrary python commands silently without warning. The patch basically disallows librelogo scripts from being called from document event handlers.

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7
Via RHSA-2020:1151 https://access.redhat.com/errata/RHSA-2020:1151

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-9848
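A defender-side check for the pattern the analysis describes (a LibreLogo script bound to a document event), as an added example that is not part of this bug report or of the LibreOffice fix: it opens an ODF container and flags event listeners in content.xml whose script href mentions LibreLogo. It assumes the standard ODF layout (office:event-listeners / script:event-listener with xlink:href); the sample content.xml and its href values are constructed placeholders, not a real document.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

SCRIPT_NS = "urn:oasis:names:tc:opendocument:xmlns:script:1.0"
XLINK_NS = "http://www.w3.org/1999/xlink"

def find_librelogo_event_listeners(content_xml: bytes) -> list:
    """Return (event-name, href) for every event listener whose script href mentions LibreLogo."""
    root = ET.fromstring(content_xml)
    hits = []
    for el in root.iter("{%s}event-listener" % SCRIPT_NS):
        href = el.get("{%s}href" % XLINK_NS, "")
        if "librelogo" in href.lower():
            hits.append((el.get("{%s}event-name" % SCRIPT_NS, ""), href))
    return hits

def scan_odf(odf_bytes: bytes) -> list:
    """An ODF file is a zip; scan its content.xml (no content.xml means nothing to flag)."""
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as zf:
        if "content.xml" not in zf.namelist():
            return []
        return find_librelogo_event_listeners(zf.read("content.xml"))

# Constructed sample content.xml: one document-level listener bound to a LibreLogo
# script (placeholder href) and one harmless Basic listener.
SAMPLE_CONTENT_XML = b"""<?xml version="1.0" encoding="UTF-8"?>
<office:document-content
  xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
  xmlns:script="urn:oasis:names:tc:opendocument:xmlns:script:1.0"
  xmlns:xlink="http://www.w3.org/1999/xlink">
 <office:scripts><office:event-listeners>
  <script:event-listener script:language="ooo:script" script:event-name="dom:click"
    xlink:href="vnd.sun.star.script:LibreLogo/PLACEHOLDER"/>
  <script:event-listener script:language="ooo:script" script:event-name="dom:load"
    xlink:href="vnd.sun.star.script:Standard.Module1.Main?language=Basic&amp;location=document"/>
 </office:event-listeners></office:scripts>
</office:document-content>"""

def build_sample_odf() -> bytes:
    """Wrap the constructed content.xml in a minimal zip so scan_odf() runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("content.xml", SAMPLE_CONTENT_XML)
    return buf.getvalue()

for event, href in scan_odf(build_sample_odf()):
    print("LibreLogo script bound to document event %s: %s" % (event, href))
```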