What is the severity of USN-6808-1?

The vulnerability USN-6808-1 has been identified as a path traversal attack that may lead to arbitrary file creation on the host filesystem.

How do I fix USN-6808-1?

To fix the USN-6808-1 vulnerability, you should upgrade Atril and associated packages to version 1.26.0-2ubuntu0.1 or higher.

Which versions are affected by USN-6808-1?

USN-6808-1 affects several versions of the Atril and Atril-common packages prior to their respective fixes in various Ubuntu releases.

What products are impacted by USN-6808-1?

The products impacted by USN-6808-1 are Ubuntu 23.10, 22.04, 20.04, 18.04, and 16.04 with the vulnerable Atril packages.

Is a reboot required after fixing USN-6808-1?

A reboot may not be necessary immediately after applying the fix for USN-6808-1, but it is recommended to ensure all services are refreshed.

Vulnerability/
USN-6808-1

CWE

5/6/2024

USN-6808-1: Atril vulnerability

First published: Wed Jun 05 2024(Updated: )

It was discovered that Atril was vulnerable to a path traversal attack. An attacker could possibly use this vulnerability to create arbitrary files on the host filesystem with user privileges.

Affected Software	Affected Version	How to fix
All of
ubuntu/atril	<1.26.0-2ubuntu0.1	1.26.0-2ubuntu0.1
Ubuntu	=23.10
All of
ubuntu/atril-common	<1.26.0-2ubuntu0.1	1.26.0-2ubuntu0.1
Ubuntu	=23.10
All of
ubuntu/libatrildocument3	<1.26.0-2ubuntu0.1	1.26.0-2ubuntu0.1
Ubuntu	=23.10
All of
ubuntu/atril	<1.26.0-1ubuntu1.1	1.26.0-1ubuntu1.1
Ubuntu	=22.04
All of
ubuntu/atril-common	<1.26.0-1ubuntu1.1	1.26.0-1ubuntu1.1
Ubuntu	=22.04
All of
ubuntu/libatrildocument3	<1.26.0-1ubuntu1.1	1.26.0-1ubuntu1.1
Ubuntu	=22.04
All of
ubuntu/atril	<1.24.0-1ubuntu0.1	1.24.0-1ubuntu0.1
Ubuntu	=20.04
All of
ubuntu/atril-common	<1.24.0-1ubuntu0.1	1.24.0-1ubuntu0.1
Ubuntu	=20.04
All of
ubuntu/libatrildocument3	<1.24.0-1ubuntu0.1	1.24.0-1ubuntu0.1
Ubuntu	=20.04
All of
ubuntu/atril	<1.20.1-2ubuntu2+esm1	1.20.1-2ubuntu2+esm1
Ubuntu	=18.04
All of
ubuntu/atril-common	<1.20.1-2ubuntu2+esm1	1.20.1-2ubuntu2+esm1
Ubuntu	=18.04
All of
ubuntu/libatrildocument3	<1.20.1-2ubuntu2+esm1	1.20.1-2ubuntu2+esm1
Ubuntu	=18.04
All of
ubuntu/atril	<1.12.2-1ubuntu0.3+esm1	1.12.2-1ubuntu0.3+esm1
Ubuntu	=16.04
All of
ubuntu/atril-common	<1.12.2-1ubuntu0.3+esm1	1.12.2-1ubuntu0.3+esm1
Ubuntu	=16.04
All of
ubuntu/libatrildocument3	<1.12.2-1ubuntu0.3+esm1	1.12.2-1ubuntu0.3+esm1
Ubuntu	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2023-52076

Frequently Asked Questions

What is the severity of USN-6808-1?
The vulnerability USN-6808-1 has been identified as a path traversal attack that may lead to arbitrary file creation on the host filesystem.
How do I fix USN-6808-1?
To fix the USN-6808-1 vulnerability, you should upgrade Atril and associated packages to version 1.26.0-2ubuntu0.1 or higher.
Which versions are affected by USN-6808-1?
USN-6808-1 affects several versions of the Atril and Atril-common packages prior to their respective fixes in various Ubuntu releases.
What products are impacted by USN-6808-1?
The products impacted by USN-6808-1 are Ubuntu 23.10, 22.04, 20.04, 18.04, and 16.04 with the vulnerable Atril packages.
Is a reboot required after fixing USN-6808-1?
A reboot may not be necessary immediately after applying the fix for USN-6808-1, but it is recommended to ensure all services are refreshed.

agent/weakness
agent/severity
agent/title
agent/last-modified-date
agent/references
agent/description
agent/first-publish-date
agent/type
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu
version/ubuntu/23.10
version/ubuntu/22.04
version/ubuntu/20.04
version/ubuntu/18.04
version/ubuntu/16.04