CVE Vulnerabilities

CVE-2022-26306

Use of Insufficiently Random Values

Published: Jul 25, 2022 | Modified: Jul 11, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Ubuntu
MEDIUM

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the users configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.

Weakness

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Affected Software

Name Vendor Start Version End Version
Libreoffice Libreoffice 7.2.0 (including) 7.2.7 (excluding)
Libreoffice Libreoffice 7.3.0 (including) 7.3.3 (excluding)
Red Hat Enterprise Linux 8 RedHat libreoffice-1:6.4.7.2-12.el8_7 *
Red Hat Enterprise Linux 9 RedHat libreoffice-1:7.1.8.1-8.el9_1 *
Libreoffice Ubuntu bionic *
Libreoffice Ubuntu focal *
Libreoffice Ubuntu trusty *
Libreoffice Ubuntu upstream *
Libreoffice Ubuntu xenial *

Potential Mitigations

  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a “random enough” number.

References