• About Us /
• Security /
• Security Advisories /
• CVE-2024-12425

CVE-2024-12425

Title: CVE-2024-12425: Path traversal leading to arbitrary .ttf file write

Announced: Jan 7, 2025

Fixed in: LibreOffice 24.8.4

Description:

Various file formats can contain embedded font files which are extracted to temporary files which are added to LibreOffice's font lists.

Prior to this fix, an attacker could craft a document with embedded font file path names which could cause LibreOffice to write the contents of the embedded font to a filename in an arbitrary location the user has permission to write to. Albeit always with a ".ttf" suffix.

Users are recommended to upgrade to 24.8.4 to avoid this issue.

Credit:

Thanks to Thomas Rinsma of Codean Labs for finding and reporting this issue.
Thanks to Caolán McNamara of Collabora Productivity for providing a fix.

References:

• CVE-2024-12425