Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2022-3140

Published: 11 October 2022

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.

Notes

AuthorNote
mdeslaur 
This is fixed in (1:7.3.6-0ubuntu0.22.04.1) in jammy, but is
not yet in the security pocket.
Fourth commit is in 7.3.7, appears related and used by Debian,
possibly not needed to fix the CVE.

Priority

Medium

Cvss 3 Severity Score

6.3

Score breakdown

Status

Package Release Status
libreoffice
Launchpad, Ubuntu, Debian 		bionic
Released (1:6.0.7-0ubuntu0.18.04.12)
focal
Released (1:6.4.7-0ubuntu0.20.04.6)
jammy
Released (1:7.3.6-0ubuntu0.22.04.2)
kinetic Not vulnerable
(1:7.4.2~rc2-0ubuntu1)
lunar Not vulnerable
(1:7.4.2~rc2-0ubuntu1)
trusty Ignored
(end of standard support)
upstream
Released (1:7.4.1~rc2-3)
xenial Ignored
(end of standard support)
Patches:
upstream: https://github.com/LibreOffice/core/commit/b3edf85e0fe6ca03dc26e1bf531be82193bc9627
upstream: https://github.com/LibreOffice/core/commit/e36986a3a7f448722961bde79691fb2f225c48ea
upstream: https://github.com/LibreOffice/core/commit/2f7e7dbebb28123b1e608c30af6cc335e7b5ed2f
upstream: https://github.com/LibreOffice/core/commit/7c299586526c29875d2d1438c95580c18835c99b
upstream: https://github.com/LibreOffice/core/commit/6503607dfca690e8f62c67c53306721736ca6a1d
upstream: https://github.com/LibreOffice/core/commit/71abb628797c0d5e4c15b71f10657b0e32b58386
upstream: https://github.com/LibreOffice/core/commit/8ab71daa8b1c7095a948398b7d029dda27145d70
upstream: https://github.com/LibreOffice/core/commit/5c433800c24281c7d7edfb5b3fd6759c524907c1
upstream: https://github.com/LibreOffice/core/commit/d0312786571221c2dd4f63fa69f6f0489d7d39ec

Severity score breakdown

Parameter Value
Base score 6.3
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality Low
Integrity impact Low
Availability impact Low
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading