SB2025032930 - Anolis OS update for libreoffice
Published: March 29, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Code Injection (CVE-ID: CVE-2022-38745)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary Java code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Improper validation of array index (CVE-ID: CVE-2023-0950)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper validation of array index when malformed spreadsheet formulas, such as AGGREGATE. A remote attacker can trick the victim to open a specially crafted file, trigger an array index underflow and execute arbitrary code on the system.
3) External control of file name or path (CVE-ID: CVE-2023-1183)
The vulnerability allows a remote attacker to write files to an arbitrary location on the system.
The vulnerability exists due to improper input validation when processing files within hsqldb. A remote attacker can trick the victim to open a specially crafted odb file that contains a "database/script" file with a SCRIPT command and write contents of that file to an arbitrary location on the system.
Successful exploitation of the vulnerability can lead to full system compromise.
4) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-2255)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the application allows usage of floating frames that can fetch content from external sources without prompting the user. A remote attacker can trick the victim to open a specially crafted file and perform spoofing attack.
Remediation
Install update from vendor's website.