CVE-2023-44451 – This vulnerability in Linux Mint's Xreader EPUB... (How to Fix)

Q: What is the severity of CVE-2023-44451?

CVE-2023-44451 has a CVSS score of 7.8 (HIGH). This vulnerability in Linux Mint's Xreader EPUB parser allows remote attackers to execute arbitrary code by tricking users into opening malicious EPUB files. The flaw is a directory traversal issue that enables code execution with the current user's privileges. All Linux Mint users with Xreader installed are potentially affected.

📋 TL;DR

This vulnerability in Linux Mint's Xreader EPUB parser allows remote attackers to execute arbitrary code by tricking users into opening malicious EPUB files. The flaw is a directory traversal issue that enables code execution with the current user's privileges. All Linux Mint users with Xreader installed are potentially affected.

💻 Affected Systems

Products:

Linux Mint Xreader

Versions: Versions prior to the fix commit 141f1313745b9cc73670df51ac145165efcbb14a

Operating Systems: Linux Mint

Default Config Vulnerable: ⚠️ Yes

Notes: Xreader is the default PDF/document viewer in Linux Mint, making most installations vulnerable by default.

📦 What is this software?

Xreader by Linuxmint

View all CVEs affecting Xreader →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining the same privileges as the logged-in user, potentially leading to data theft, ransomware deployment, or persistent backdoor installation.

🟠

Likely Case

Local privilege escalation leading to user account compromise, data exfiltration, and lateral movement within the network.

🟢

If Mitigated

Limited impact if user runs with minimal privileges, but still potential for data loss and malware installation in user context.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires user interaction (opening malicious EPUB file) but the vulnerability itself is straightforward to exploit once weaponized.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version containing commit 141f1313745b9cc73670df51ac145165efcbb14a

Vendor Advisory: https://github.com/linuxmint/xreader/commit/141f1313745b9cc73670df51ac145165efcbb14a

Restart Required: No

Instructions:

1. Update Linux Mint system packages via Update Manager or terminal. 2. Run 'sudo apt update && sudo apt upgrade' to ensure all packages are updated. 3. Verify Xreader has been updated to patched version.

🔧 Temporary Workarounds

Disable EPUB file association

linux

Remove Xreader as default handler for EPUB files to prevent automatic opening

xdg-mime default org.gnome.Evince.desktop application/epub+zip

Temporary Xreader disable

linux

Temporarily disable Xreader while waiting for patch

sudo apt-mark hold xreader
sudo mv /usr/bin/xreader /usr/bin/xreader.disabled

🧯 If You Can't Patch

Implement application whitelisting to prevent execution of unauthorized binaries
Configure user accounts with minimal privileges and implement strict file access controls

🔍 How to Verify

Check if Vulnerable:

Check Xreader version or verify if commit 141f1313745b9cc73670df51ac145165efcbb14a is present in installed version

Check Version:

apt show xreader | grep Version

Verify Fix Applied:

Verify Xreader has been updated and commit 141f1313745b9cc73670df51ac145165efcbb14a is present in the source/installation

📡 Detection & Monitoring

Log Indicators:

Unusual process execution from Xreader context
Suspicious file operations in user directories
EPUB file parsing errors in application logs

Network Indicators:

Outbound connections from Xreader process to unknown destinations
Unexpected file downloads initiated by Xreader

SIEM Query:

process_name:"xreader" AND (process_cmdline:"*epub*" OR file_path:"*../*")

📊 Metadata

CVE ID: CVE-2023-44451

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-22

Published: May 3, 2024

Last Updated: August 14, 2025

🔗 References

https://github.com/linuxmint/xreader/commit/141f1313745b9cc73670df51ac145165efcbb14a Patch
https://www.zerodayinitiative.com/advisories/ZDI-23-1835/ Third Party Advisory
https://github.com/linuxmint/xreader/commit/141f1313745b9cc73670df51ac145165efcbb14a Patch
https://www.zerodayinitiative.com/advisories/ZDI-23-1835/ Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-44451, you might also want to check these: