Remote Code Execution Vulnerability in Linux Mint Xreader
CVE-2023-44452
Summary
The vulnerability in Linux Mint Xreader pertains to improper validation during CBT file parsing, allowing remote attackers to potentially execute arbitrary code on user systems. To exploit this vulnerability, an attacker must trick the user into visiting a malicious web page or opening a compromised CBT file. The flaw arises because the software does not appropriately validate the user-supplied input before executing system calls, thus leading to significant security risks if the affected installations remain unpatched. It is essential for users of Linux Mint Xreader to be aware of this vulnerability and update to the latest version to mitigate potential threats.
Affected Version(s)
Xreader 3.8.2
References
EPSS Score
15% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved