cnvd - cnvd-2022-55626

CNVD-2022-55626

Vulnerability from cnvd - Published: 2022-08-03

Title

libreoffice信任管理问题漏洞（CNVD-2022-55626）

Description

LibreOffice是文档基金会（The Document Foundation，tdf）的一套开源的办公软件套件。该产品包含Writer（文本文档）、Calc（电子表格）和Impress（演示文稿）等应用程序。 libreoffice存在信任管理问题漏洞，该漏洞源于libreoffice：签名的信任验证错误，具有不明确的KeyInfo子节点。目前没有详细的漏洞细节提供。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://access.redhat.com/security/cve/cve-2021-25636

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-25636

Impacted products

Name
LibreOffice LibreOffice >=7.2.0，<7.2.5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-25636",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-25636"
    }
  },
  "description": "LibreOffice\u662f\u6587\u6863\u57fa\u91d1\u4f1a\uff08The Document Foundation\uff0ctdf\uff09\u7684\u4e00\u5957\u5f00\u6e90\u7684\u529e\u516c\u8f6f\u4ef6\u5957\u4ef6\u3002\u8be5\u4ea7\u54c1\u5305\u542bWriter\uff08\u6587\u672c\u6587\u6863\uff09\u3001Calc\uff08\u7535\u5b50\u8868\u683c\uff09\u548cImpress\uff08\u6f14\u793a\u6587\u7a3f\uff09\u7b49\u5e94\u7528\u7a0b\u5e8f\u3002\n\nlibreoffice\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8elibreoffice\uff1a\u7b7e\u540d\u7684\u4fe1\u4efb\u9a8c\u8bc1\u9519\u8bef\uff0c\u5177\u6709\u4e0d\u660e\u786e\u7684KeyInfo\u5b50\u8282\u70b9\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://access.redhat.com/security/cve/cve-2021-25636",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-55626",
  "openTime": "2022-08-03",
  "products": {
    "product": "LibreOffice LibreOffice \u003e=7.2.0\uff0c\u003c7.2.5"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-25636",
  "serverity": "\u4e2d",
  "submitTime": "2022-02-24",
  "title": "libreoffice\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2022-55626\uff09"
}

CVE-2021-25636 (GCVE-0-2021-25636)

Vulnerability from cvelistv5 – Published: 2022-02-22 00:00 – Updated: 2024-08-03 20:11

Summary

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both "X509Data" and "KeyValue" children of the "KeyInfo" tag, which when opened caused LibreOffice to verify using the "KeyValue" but to report verification with the unrelated "X509Data" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5.

Severity ?

No CVSS data available.

CWE

CWE-347 - Improper Verification of Cryptographic Signature

Assigner

Document Fdn.

References

URL

Tags

	https://www.libreoffice.org/about-us/security/adv…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list

Impacted products

	Vendor	Product	Version
	The Document Foundation	LibreOffice	Affected: 7.2 , < 7.2.5 (custom)

Credits

Thanks to NDS of Ruhr University Bochum for discovering and reporting this problem.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/"
          },
          {
            "name": "FEDORA-2022-3bbe89c20f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/"
          },
          {
            "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LibreOffice",
          "vendor": "The Document Foundation",
          "versions": [
            {
              "lessThan": "7.2.5",
              "status": "affected",
              "version": "7.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Thanks to NDS of Ruhr University Bochum for discovering and reporting this problem."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both \"X509Data\" and \"KeyValue\" children of the \"KeyInfo\" tag, which when opened caused LibreOffice to verify using the \"KeyValue\" but to report verification with the unrelated \"X509Data\" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347 Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-26T00:00:00",
        "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
        "shortName": "Document Fdn."
      },
      "references": [
        {
          "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/"
        },
        {
          "name": "FEDORA-2022-3bbe89c20f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/"
        },
        {
          "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Incorrect trust validation of signature with ambiguous KeyInfo children",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
    "assignerShortName": "Document Fdn.",
    "cveId": "CVE-2021-25636",
    "datePublished": "2022-02-22T00:00:00",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-55626

CVE-2021-25636 (GCVE-0-2021-25636)

Tags

Sightings

Nomenclature