CVE-2023-52076

NameCVE-2023-52076
DescriptionAtril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3828-1, DSA-5688-1
Debian Bugs1061522

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
atril (PTS)jessie, jessie (lts)1.8.1+dfsg1-4+deb8u2vulnerable
stretch1.16.1-2+deb9u2vulnerable
stretch (security), stretch (lts)1.16.1-2+deb9u1vulnerable
buster (security), buster, buster (lts)1.20.3-1+deb10u2fixed
bullseye (security), bullseye1.24.0-1+deb11u1fixed
bookworm (security), bookworm1.26.0-2+deb12u3fixed
sid1.26.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
atrilsourcejessie(unfixed)end-of-life
atrilsourcestretch(unfixed)end-of-life
atrilsourcebuster1.20.3-1+deb10u2DLA-3828-1
atrilsourcebullseye1.24.0-1+deb11u1DSA-5688-1
atrilsourcebookworm1.26.0-2+deb12u3DSA-5688-1
atrilsource(unstable)1.26.2-11061522

Notes

https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37
https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50

Search for package or bug name: Reporting problems