CVE-2024-45313
📋 TL;DR
This vulnerability in Overleaf Server Pro allows users to access the sharelatex container's filesystem, network, and environment variables during LaTeX compiles when security features are disabled. It affects installations using the Overleaf Toolkit before 2024-07-17 or legacy docker-compose.yml before 2024-08-28 with insecure default configurations. Administrators who haven't manually enabled sandboxing are vulnerable.
💻 Affected Systems
- Overleaf Server Pro
📦 What is this software?
Overleaf by Overleaf
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive files, modify system configurations, access environment variables containing secrets, or potentially execute arbitrary code inside the sharelatex container.
Likely Case
Unauthorized users accessing or exfiltrating sensitive project files, configuration data, or environment variables from the sharelatex container.
If Mitigated
With sandboxing enabled, compiles run in isolated sibling containers that cannot reach the sharelatex container's filesystem, network, or environment variables.
🎯 Exploit Status
Exploitation requires access to the Overleaf instance and ability to trigger compiles. The vulnerability is in the container configuration, not the application code.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Toolkit updated 2024-07-17, docker-compose updated 2024-08-28
Vendor Advisory: https://github.com/overleaf/overleaf/security/advisories/GHSA-m95q-g8qg-wgj4
Restart Required: Yes
Instructions:
1. Update Overleaf Toolkit to a version after 2024-07-17, or docker-compose.yml to a version after 2024-08-28.
2. For existing installations, set SIBLING_CONTAINERS_ENABLED=true in config/overleaf.rc (Toolkit) or SANDBOXED_COMPILES=true (legacy docker-compose).
3. Restart the Overleaf services.
🔧 Temporary Workarounds
Enable sibling containers in Toolkit
Manually enable secure sibling containers for LaTeX compiles:
echo 'SIBLING_CONTAINERS_ENABLED=true' >> config/overleaf.rc
bin/stop
bin/start
Enable sandboxed compiles in legacy docker-compose
Set the environment variable to enable sandboxing:
export SANDBOXED_COMPILES=true
docker-compose up -d
🧯 If You Can't Patch
- Restrict user access to only trusted individuals who need LaTeX compilation capabilities
- Monitor container logs for unusual file access patterns or symlink creation during compiles
🔍 How to Verify
Check if Vulnerable:
Check config/overleaf.rc for SIBLING_CONTAINERS_ENABLED=false (Toolkit) or docker-compose.yml for SANDBOXED_COMPILES=false/absent (legacy).
Check Version:
For Toolkit: check toolkit version date. For docker-compose: check file modification date or git commit history.
Verify Fix Applied:
Verify SIBLING_CONTAINERS_ENABLED=true appears in config/overleaf.rc or SANDBOXED_COMPILES=true in environment/docker-compose.yml, then test that compiles complete successfully.
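The following is an added example (not from the advisory or the Overleaf project) that turns the verification steps above into a script: it reads the effective value of SIBLING_CONTAINERS_ENABLED from config/overleaf.rc and of SANDBOXED_COMPILES from docker-compose.yml, treats an absent or non-"true" value as the vulnerable default, and handles commented-out lines, quoted values and both the list and map forms of a compose environment entry. The file locations and the KEY=value / KEY: value layouts are assumptions for the example.

```shell
#!/bin/sh
# Added example: report whether an Overleaf Server Pro install has sandboxed
# compiles enabled. Assumes the Toolkit setting lives in config/overleaf.rc as
# KEY=value lines and the legacy setting appears in docker-compose.yml either
# as "- SANDBOXED_COMPILES=true" or "SANDBOXED_COMPILES: true".

# Print the effective value of KEY in FILE: the last uncommented assignment
# wins; quotes, whitespace and trailing "# ..." comments are stripped.
# Prints nothing when the file is missing or the key is absent.
setting_value() {
    key="$1"; file="$2"
    [ -r "$file" ] || return 0
    sed -n "s/^[[:space:]]*-\{0,1\}[[:space:]]*${key}[[:space:]]*[=:][[:space:]]*//p" "$file" \
        | sed 's/[[:space:]]*#.*$//' \
        | tail -n 1 \
        | tr -d "\"' \t"
}

# Succeed (exit 0) only when the value is exactly "true". An absent setting is
# reported as disabled, because the insecure default is the vulnerable state.
compiles_sandboxed() {
    key="$1"; file="$2"
    [ "$(setting_value "$key" "$file")" = "true" ]
}

# Overall status for an install directory: 0 = sandboxed, 1 = vulnerable config.
check_overleaf_install() {
    dir="${1:-.}"
    if compiles_sandboxed SIBLING_CONTAINERS_ENABLED "$dir/config/overleaf.rc"; then
        echo "Toolkit: SIBLING_CONTAINERS_ENABLED=true (sandboxed compiles on)"
        return 0
    fi
    if compiles_sandboxed SANDBOXED_COMPILES "$dir/docker-compose.yml"; then
        echo "legacy docker-compose: SANDBOXED_COMPILES=true (sandboxed compiles on)"
        return 0
    fi
    echo "VULNERABLE: sandboxed compiles not enabled under $dir" >&2
    return 1
}

# Usage: sh check-overleaf.sh /path/to/overleaf-toolkit
# (only runs when executed directly, not when the functions are sourced)
if [ "${0##*/}" = "check-overleaf.sh" ]; then
    check_overleaf_install "$1"
fi
```

Run it from the Toolkit or legacy install directory; a non-zero exit means the configuration is still in the vulnerable state. The check is deliberately strict: anything other than a literal true (including a commented-out line or a value of false) is treated as not enabled, which matches the "false/absent" condition in the advisory.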
📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns from LaTeX compile processes
- Symlink creation in unexpected directories during compiles
- Compile processes accessing files outside project directories
Network Indicators:
- Compile containers making unexpected network connections to internal services
SIEM Query:
container_logs WHERE process_name LIKE '%latex%' AND (file_access NOT LIKE '%/project/%' OR command LIKE '%ln -s%')
🔗 References
- https://github.com/overleaf/overleaf/security/advisories/GHSA-m95q-g8qg-wgj4
- https://github.com/overleaf/overleaf/wiki/Server-Pro:-Sandboxed-Compiles
- https://github.com/overleaf/toolkit/blob/master/doc/sandboxed-compiles.md#enabling-sibling-containers
- https://github.com/overleaf/toolkit/commit/7a8401897b24777b47338452ff8d12e2fb6dd5ff