
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2024-12425 is an absolute path traversal vulnerability in The Document Foundation's LibreOffice, caused by improper handling of fonts embedded in documents. It affects LibreOffice 24.8 before 24.8.4 and was disclosed on January 7, 2025. A crafted document lets an attacker write a file to an arbitrary location on the system, with the constraint that the written file name ends in '.ttf' (LibreOffice Advisory, NVD).
The vulnerability stems from how LibreOffice processes embedded fonts. While loading a document, the application extracts each embedded font and writes it to a .ttf file in a temporary font directory, deriving the file name from the font-family name supplied by the document. That name was not validated, so an attacker can supply one containing path components (the advisory describes this as absolute path traversal) and cause the file to be written outside the designated directory; the bytes written are the embedded font data, which the attacker also controls. The vulnerability carries a CVSS 4.0 base score of 2.4 (LOW) with the vector string CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N: local attack vector, low privileges required, passive user interaction (the victim opens the document), low integrity impact and no confidentiality or availability impact. It is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) (SecurityOnline).
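To make the mechanism concrete, the following C++ program is an added example and not LibreOffice's code; the function names and the temporary directory are hypothetical. It builds the temporary font path the naive way, with the document-supplied font-family name used verbatim as the file name, and beside it a hardened version that restricts the name and verifies that the normalized result still lies under the temporary directory.

```cpp
// Added example; not LibreOffice's code. Hypothetical helpers that reproduce
// the class of bug described above: a document-supplied font-family name is
// used directly as the file name of the temporary .ttf.
#include <cctype>
#include <filesystem>
#include <iostream>
#include <optional>
#include <string>

namespace fs = std::filesystem;

// Vulnerable pattern. Two ways the name escapes tmpDir:
//  - an absolute name: std::filesystem::path::operator/ discards the left
//    operand when the right operand is absolute (absolute path traversal);
//  - "../" components, which the OS resolves (modelled here by lexically_normal).
std::string vulnerableFontPath(const fs::path& tmpDir, const std::string& fontName) {
    return (tmpDir / (fontName + ".ttf")).lexically_normal().string();
}

// Hardened pattern: whitelist the characters of the name so it cannot carry
// separators or "..", then, as an independent second check, verify that the
// normalized candidate path still starts with tmpDir followed by a separator.
std::optional<std::string> hardenedFontPath(const fs::path& tmpDir, const std::string& fontName) {
    if (fontName.empty() || fontName.size() > 128) return std::nullopt;
    for (unsigned char c : fontName) {
        if (!(std::isalnum(c) || c == '-' || c == '_' || c == ' ')) return std::nullopt;
    }
    const fs::path base = tmpDir.lexically_normal();
    const fs::path full = (base / (fontName + ".ttf")).lexically_normal();
    std::string prefix = base.string();
    if (prefix.empty() || prefix.back() != '/') prefix += '/';
    if (full.string().compare(0, prefix.size(), prefix) != 0) return std::nullopt;
    return full.string();
}

int main() {
    const fs::path tmpDir = "/tmp/lo-fonts";  // hypothetical temporary font directory
    // Constructed font-family names: one benign, two that escape the directory.
    const char* names[] = {"DejaVu Sans", "/home/victim/evil", "../../../home/victim/evil"};
    for (const char* n : names) {
        std::cout << "name: " << n
                  << "\n  vulnerable -> " << vulnerableFontPath(tmpDir, n)
                  << "\n  hardened   -> " << hardenedFontPath(tmpDir, n).value_or("(rejected)")
                  << "\n";
    }
    return 0;
}
```

Compile with a C++17 compiler (for example `g++ -std=c++17`). On POSIX, `path::operator/` silently replaces the left operand when the right operand is absolute, so a font name such as `/home/victim/evil` yields `/home/victim/evil.ttf` with no traversal sequence at all; the hardened variant keeps two independent checks so that a bypass of the character whitelist still has to defeat the prefix check.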
The impact is an arbitrary file write: the attacker chooses the destination path, subject to the '.ttf' suffix and to the permissions of the user running LibreOffice. Exploitation requires no user interaction beyond opening the malicious document, and the same primitive applies on desktops and on servers that process untrusted documents with LibreOffice (SecurityOnline).
Users and administrators are strongly advised to update LibreOffice to version 24.8.4 or later. Ubuntu has shipped the fix in its packages for Ubuntu 24.10 (4:24.8.4-0ubuntu0.24.10.2), Ubuntu 24.04 (4:24.2.7-0ubuntu0.24.04.2), Ubuntu 22.04 (1:7.3.7-0ubuntu0.22.04.8) and Ubuntu 20.04 (1:6.4.7-0ubuntu0.20.04.13). Note that the 24.04, 22.04 and 20.04 packages carry backports to the older 24.2, 7.3 and 6.4 series, so on those releases the upstream version number reported by LibreOffice does not indicate patch status; compare the installed package version against the versions listed above instead (Ubuntu Security).
Source: This report was generated using AI