Main Vulnerability Database SB2024082808

SB2024082808 - Red Hat Enterprise Linux 8 update for libreoffice

Published: August 28, 2024

Security Bulletin ID SB2024082808

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Certificate Validation (CVE-ID: CVE-2024-6472)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due improper certificate validation when handling documents with signed macros inside. If the macro has an untrusted signature, the use can ignore the failure and enable the macros anyway.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2024:5886