CVE-2018-14939
Title: CVE-2018-14939 overflow at realpath
Announced: Aug 13, 2018
Fixed in: Not a Bug
Description:
CVE-2018-14939 was assigned to address an apparent buffer overflow in the get_app_path function with the suggestion that it is possible for attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site.
Our analysis is that this is not the case. get_app_path is only called with argv[0] of LO's oosplash helper executable (installed at /usr/lib.../libreoffice/program/oosplash, called during the LO start-up sequence), so an attack would need launch that executable with a suitably long argv[0] which is not under the control of an attacker.
References:
CVE-2018-14939
Follow Us