From 5b9e9c82fcad081f21aa536b1670f0940f8b10d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexis=20M=C3=A9taireau?= Date: Tue, 24 Dec 2024 17:26:58 +0100 Subject: [PATCH] Add a security advisory for gst-plugins-base --- docs/advisories/2024-12-24.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 docs/advisories/2024-12-24.md diff --git a/docs/advisories/2024-12-24.md b/docs/advisories/2024-12-24.md new file mode 100644 index 0000000..0bf6112 --- /dev/null +++ b/docs/advisories/2024-12-24.md @@ -0,0 +1,33 @@ +Security Advisory 2024-12-24 + +In Dangerzone, a security vulnerability was detected in the quarantined +environment where documents are opened. Vulnerabilities like this are expected +and do not compromise the security of Dangerzone. However, in combination with +another more serious vulnerability (also called container escape), a malicious +document may be able to breach the security of Dangerzone. We are not aware of +any container escapes that affect Dangerzone. **To reduce that risk, you are +strongly advised to update Dangerzone to the latest version**. + +# Summary + +A series of vulnerabilities in gst-plugins-base (CVE-2024-47538, CVE-2024-47607 +and CVE-2024-47615) affects the **contained** environment where the document +rendering takes place. + +If one attempts to convert a malicious file with an embedded Vorbis or Opus +media elements, arbitrary code may run within that environment. Such files +look like regular Office documents, which means that you cannot avoid a specific +extension. Other programs that open Office documents, such as LibreOffice, are +also affected, unless the system has been upgraded in the meantime. + +# How does this impact me? + +The expectation is that malicious code will run in a container without Internet +access, meaning that it won't be able to infect the rest of the system. + +If you are running Dangerzone via the Qubes OS, you are not impacted. + +# What do I need to do? + +You are **strongly** advised to update your Dangerzone installation to 0.8.1 as +soon as possible.