CVE-2024-7788

Title: CVE-2024-7788: Signatures in "repair mode" should not be trusted

Announced: Sep 17, 2024

Fixed in: LibreOffice 24.2.5 and 24.8.0

Description:

Various file formats are based on the zip file format. In cases of corruption of the underlying zip's central directory, LibreOffice offers a "repair mode" which will attempt to recover the zip file structure by scanning for secondary local file headers in the zip to reconstruct the document.

Prior to this fix, in the case of digitally signed zip files, an attacker could construct a document which, when repaired, reported a signature status that was not valid for the recovered file.

Previously, if verification failed, the user could choose to ignore the failure and enable the macros anyway.

Repair document mode has to be inherently tolerant, so now in fixed versions all signatures are implied to be invalid in recovery mode.

Users are recommended to upgrade to 24.2.5 or 24.8.0 to gain this enhancement.
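
As an added illustration (not LibreOffice's code), the following Python check compares the entries listed in a zip's central directory with the local file headers found by a byte scan, the two views of the archive that a repair pass has to reconcile. The function names and the sample archives are constructed for this example.

```python
import io
import struct
import zipfile

LOCAL_SIG = b"PK\x03\x04"  # local file header signature

def scan_local_headers(data):
    """(offset, name) for every local file header found by a byte scan.

    Heuristic, like any recovery scan: the signature can also occur by
    chance inside compressed entry data.
    """
    found, pos = [], data.find(LOCAL_SIG)
    while pos != -1 and pos + 30 <= len(data):
        # Fixed header is 30 bytes; file name length is a uint16 at offset 26.
        (name_len,) = struct.unpack_from("<H", data, pos + 26)
        name = data[pos + 30:pos + 30 + name_len].decode("utf-8", "replace")
        found.append((pos, name))
        pos = data.find(LOCAL_SIG, pos + 4)
    return found

def unlisted_entries(data):
    """Local headers that the central directory does not reference."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        listed = {(i.header_offset, i.filename) for i in zf.infolist()}
    return sorted(set(scan_local_headers(data)) - listed)

def make_zip(entries):
    """Build a small stored (uncompressed) zip in memory: constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    clean = make_zip({"mimetype": b"text/plain", "content.xml": b"<new/>"})
    # Constructed sample: leftover records in front of a complete archive.
    mixed = make_zip({"content.xml": b"<old/>"}) + clean
    print(unlisted_entries(clean))
    print(unlisted_entries(mixed))
```

A non-empty result means the header scan and the central directory disagree about what the archive contains, so a status computed over one view does not carry over to the other.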

Credit:

Thanks to Yufan You for finding and reporting this issue.
Thanks to Michael Stahl of allotropia for providing a fix.


References: