USN-6962-1: LibreOffice vulnerability

Q: What is the severity of USN-6962-1?

The vulnerability USN-6962-1 is considered high as it allows arbitrary macros to be executed remotely if users are tricked into opening a malicious document.

Q: How do I fix USN-6962-1?

To fix USN-6962-1, you should update LibreOffice to the latest version specified for your Ubuntu release.

Q: What platforms are affected by USN-6962-1?

USN-6962-1 affects Ubuntu versions 20.04, 22.04, and 24.04 that have specific versions of LibreOffice installed.

Q: What causes the vulnerability in USN-6962-1?

The vulnerability in USN-6962-1 is caused by LibreOffice incorrectly allowing macros when a cryptographic signature fails to validate.

Q: Who is at risk from the USN-6962-1 vulnerability?

Users of affected versions of LibreOffice on Ubuntu could be at risk if they open specially crafted documents from untrusted sources.

Published Aug 15, 2024

Updated

It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros.

Affected Software

6 affected componentsFixes available

All of the following

ubuntu/libreoffice<4:24.2.5-0ubuntu0.24.04.2

4:24.2.5-0ubuntu0.24.04.2

Ubuntu Ubuntu=24.04

All of the following

ubuntu/libreoffice<1:7.3.7-0ubuntu0.22.04.6

1:7.3.7-0ubuntu0.22.04.6

Ubuntu Ubuntu=22.04

All of the following

ubuntu/libreoffice<1:6.4.7-0ubuntu0.20.04.11

1:6.4.7-0ubuntu0.20.04.11

Ubuntu Ubuntu=20.04

Event History

Aug 15, 2024

Advisory Published

via Ubuntu·12:00 AM

Frequently Asked Questions

What is the severity of USN-6962-1?

The vulnerability USN-6962-1 is considered high as it allows arbitrary macros to be executed remotely if users are tricked into opening a malicious document.

How do I fix USN-6962-1?

To fix USN-6962-1, you should update LibreOffice to the latest version specified for your Ubuntu release.

What platforms are affected by USN-6962-1?

USN-6962-1 affects Ubuntu versions 20.04, 22.04, and 24.04 that have specific versions of LibreOffice installed.

What causes the vulnerability in USN-6962-1?

The vulnerability in USN-6962-1 is caused by LibreOffice incorrectly allowing macros when a cryptographic signature fails to validate.

Who is at risk from the USN-6962-1 vulnerability?

Users of affected versions of LibreOffice on Ubuntu could be at risk if they open specially crafted documents from untrusted sources.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

USN-6962-1: LibreOffice vulnerability

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of USN-6962-1?

How do I fix USN-6962-1?

What platforms are affected by USN-6962-1?

What causes the vulnerability in USN-6962-1?

Who is at risk from the USN-6962-1 vulnerability?

Company

Resources

Contact