(RHSA-2024:3835) Important: libreoffice security update

2024-06-1118:27:29

access.redhat.com

libreoffice

security update

input validation

macro execution

cve-2023-6185

cve-2023-6186

unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

JSON

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)
libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9x86_64libreoffice-base< 7.1.8.1-12.el9_4libreoffice-base-7.1.8.1-12.el9_4.x86_64.rpm
RedHat9s390xlibreoffice-langpack-en< 7.1.8.1-12.el9_4libreoffice-langpack-en-7.1.8.1-12.el9_4.s390x.rpm
RedHat9x86_64libreoffice-langpack-xh< 7.1.8.1-12.el9_4libreoffice-langpack-xh-7.1.8.1-12.el9_4.x86_64.rpm
RedHat9x86_64libreoffice-help-nl< 7.1.8.1-12.el9_4libreoffice-help-nl-7.1.8.1-12.el9_4.x86_64.rpm
RedHat9ppc64lelibreoffice-help-en< 7.1.8.1-12.el9_4libreoffice-help-en-7.1.8.1-12.el9_4.ppc64le.rpm
RedHat9x86_64libreoffice-langpack-fa< 7.1.8.1-12.el9_4libreoffice-langpack-fa-7.1.8.1-12.el9_4.x86_64.rpm
RedHat9noarchautocorr-dsb< 7.1.8.1-12.el9_4autocorr-dsb-7.1.8.1-12.el9_4.noarch.rpm
RedHat9noarchautocorr-tr< 7.1.8.1-12.el9_4autocorr-tr-7.1.8.1-12.el9_4.noarch.rpm
RedHat9x86_64libreoffice-langpack-hu< 7.1.8.1-12.el9_4libreoffice-langpack-hu-7.1.8.1-12.el9_4.x86_64.rpm
RedHat9x86_64libreoffice-help-tr< 7.1.8.1-12.el9_4libreoffice-help-tr-7.1.8.1-12.el9_4.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	x86_64	libreoffice-base	< 7.1.8.1-12.el9_4	libreoffice-base-7.1.8.1-12.el9_4.x86_64.rpm
RedHat	9	s390x	libreoffice-langpack-en	< 7.1.8.1-12.el9_4	libreoffice-langpack-en-7.1.8.1-12.el9_4.s390x.rpm
RedHat	9	x86_64	libreoffice-langpack-xh	< 7.1.8.1-12.el9_4	libreoffice-langpack-xh-7.1.8.1-12.el9_4.x86_64.rpm
RedHat	9	x86_64	libreoffice-help-nl	< 7.1.8.1-12.el9_4	libreoffice-help-nl-7.1.8.1-12.el9_4.x86_64.rpm
RedHat	9	ppc64le	libreoffice-help-en	< 7.1.8.1-12.el9_4	libreoffice-help-en-7.1.8.1-12.el9_4.ppc64le.rpm
RedHat	9	x86_64	libreoffice-langpack-fa	< 7.1.8.1-12.el9_4	libreoffice-langpack-fa-7.1.8.1-12.el9_4.x86_64.rpm
RedHat	9	noarch	autocorr-dsb	< 7.1.8.1-12.el9_4	autocorr-dsb-7.1.8.1-12.el9_4.noarch.rpm
RedHat	9	noarch	autocorr-tr	< 7.1.8.1-12.el9_4	autocorr-tr-7.1.8.1-12.el9_4.noarch.rpm
RedHat	9	x86_64	libreoffice-langpack-hu	< 7.1.8.1-12.el9_4	libreoffice-langpack-hu-7.1.8.1-12.el9_4.x86_64.rpm
RedHat	9	x86_64	libreoffice-help-tr	< 7.1.8.1-12.el9_4	libreoffice-help-tr-7.1.8.1-12.el9_4.x86_64.rpm