Multiple vulnerabilities in Linux Mint Xreader
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-44451 CVE-2023-44452 |
| CWE-ID | CWE-22 CWE-20 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Xreader Client/Desktop applications / Other client software |
| Vendor | Linux Mint |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU84984
Risk: High
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2023-44451
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can trick a victim to open a specially crafted EPUB file and read arbitrary files on the system, leading to arbitrary code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsXreader: 1.0.1 - 3.8.4
CPE2.3- cpe:2.3:a:linux_mint:xreader:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux_mint:xreader:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:linux_mint:xreader:1.0.3:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-23-1835/
https://github.com/linuxmint/xreader/commit/141f1313745b9cc73670df51ac145165efcbb14a
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Input validation error
EUVDB-ID: #VU84986
Risk: High
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2023-44452
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can trick a victim to open a specially crafted CBT file and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsXreader: 1.0.1 - 3.8.4
CPE2.3- cpe:2.3:a:linux_mint:xreader:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:linux_mint:xreader:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:linux_mint:xreader:1.0.3:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-23-1836/
https://github.com/linuxmint/xreader/commit/cd678889ecfe4e84a5cbcf3a0489e15a5e2e3736
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
