CVE-2023-52076

NameCVE-2023-52076
DescriptionAtril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-5688-1
Debian Bugs1061522

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
atril (PTS)buster1.20.3-1+deb10u1vulnerable
bullseye1.24.0-1vulnerable
bullseye (security)1.24.0-1+deb11u1fixed
bookworm1.26.0-2+deb12u2vulnerable
bookworm (security)1.26.0-2+deb12u3fixed
sid, trixie1.26.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
atrilsourcebullseye1.24.0-1+deb11u1DSA-5688-1
atrilsourcebookworm1.26.0-2+deb12u3DSA-5688-1
atrilsource(unstable)1.26.2-11061522

Notes

https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37
https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50

Search for package or bug name: Reporting problems