A recently disclosed vulnerability, identified as CVE-2025-3155, has been found in GNOME’s Yelp help viewer, posing a significant security risk to Ubuntu and other GNOME-based Linux distributions. This flaw allows attackers to exfiltrate SSH keys and other sensitive files from affected systems by exploiting improper handling of the `ghelp://` URI scheme and XML processing within Yelp.
Understanding the Vulnerability
Yelp, the default help viewer in GNOME environments, processes `.page` files using the Mallard XML schema. These files support XInclude, an XML inclusion mechanism that, when improperly handled, can be exploited by attackers. The vulnerability chain involves three primary components:
1. `ghelp://` URI Scheme Exploitation:
Yelp registers itself as the handler for `ghelp://` URIs. An attacker can craft a malicious link, such as `ghelp:///proc/self/cwd/Downloads`, which, when accessed, prompts Yelp to parse attacker-controlled `.page` files located in the user’s Downloads directory.
2. XInclude Arbitrary File Read:
Within the malicious `.page` file, attackers can include an XInclude directive whose `href` points at a local file path.
This directive instructs Yelp to include the contents of the user’s SSH private key (`id_rsa`) into the rendered document, effectively exposing sensitive information.
3. SVG-Based Script Injection:
Yelp's XSLT processor copies SVG content from the `.page` file into the rendered output without stripping embedded script elements.
When the malicious `.page` file is rendered, the embedded script executes, sending the stolen SSH key to a remote server controlled by the attacker.
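The three components above leave recognisable traces in the `.page` file itself: an XInclude `href` that reaches outside the help directory and a `script` element inside SVG content. The following triage scanner, added here as an example and not code from the article or the Yelp project, parses Mallard pages and flags both. Its sample documents are constructed; the included path mirrors the article's description and the script body is a placeholder.

```python
"""Triage scanner for Mallard .page files (added example, not code from the
article or Yelp): flags XInclude pulls of local files and <script> inside SVG."""
import xml.etree.ElementTree as ET
from pathlib import Path
from urllib.parse import urlparse

XI_NS = "http://www.w3.org/2001/XInclude"
SVG_NS = "http://www.w3.org/2000/svg"
MALLARD_NS = "http://projectmallard.org/1.0/"

def scan_page(xml_text):
    """Return (kind, detail) findings for one .page document."""
    findings = []
    root = ET.fromstring(xml_text)
    for inc in root.iter(f"{{{XI_NS}}}include"):
        href = inc.get("href", "")
        parsed = urlparse(href)
        # Only a relative path staying inside the page's own directory is
        # expected; file:// URIs, absolute paths, ".." and remote schemes are not.
        path = parsed.path if parsed.scheme in ("", "file") else None
        if path is None or path.startswith("/") or ".." in path.split("/"):
            findings.append(("xinclude", href))
    for script in root.iter(f"{{{SVG_NS}}}script"):
        # Yelp renders SVG content; a script element here runs in the viewer.
        findings.append(("svg-script", (script.text or "").strip()[:60]))
    return findings

def scan_directory(directory):
    """Scan every *.page under directory (e.g. ~/Downloads); map name -> findings."""
    results = {}
    for path in Path(directory).glob("*.page"):
        try:
            hits = scan_page(path.read_text(encoding="utf-8", errors="replace"))
        except ET.ParseError as exc:
            hits = [("parse-error", str(exc))]
        if hits:
            results[path.name] = hits
    return results

# Constructed sample: a legitimate page including a sibling file.
BENIGN_PAGE = f"""<page xmlns="{MALLARD_NS}" xmlns:xi="{XI_NS}" id="intro">
  <xi:include href="shared/legal.xml"/>
</page>"""

# Constructed sample with both primitives; the script body is a placeholder.
SUSPICIOUS_PAGE = f"""<page xmlns="{MALLARD_NS}" xmlns:xi="{XI_NS}"
      xmlns:svg="{SVG_NS}" id="lure">
  <p><xi:include href="file:///home/victim/.ssh/id_rsa" parse="text"/></p>
  <svg:svg><svg:script>/* placeholder */</svg:script></svg:svg>
</page>"""
```

Running `scan_directory` over a user's Downloads folder gives an endpoint check that does not depend on Yelp ever opening the file.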
Exploit Workflow
The proof-of-concept (PoC) exploit for this vulnerability involves a two-phase attack:
1. Malicious Webpage Delivery:
An attacker crafts a webpage containing JavaScript that forces the download of a malicious `.page` file to the victim’s Downloads folder:
```javascript
var link = document.createElement('a');
link.href = 'data:text/xml;base64,' + btoa(maliciousPageContent);
link.download = 'malicious.page';
document.body.appendChild(link);
link.click();
```
This script programmatically creates and clicks a download link, saving the malicious `.page` file to the user’s Downloads directory.
2. Triggering Yelp Parsing:
The same webpage then redirects the user to the `ghelp://` URI pointing to the Downloads folder:
```javascript
window.location.href = 'ghelp:///proc/self/cwd/Downloads/malicious.page';
```
This redirection causes Yelp to open and parse the malicious `.page` file, leading to the execution of the embedded script and subsequent data exfiltration.
Affected Systems
The vulnerability primarily affects systems running Ubuntu 22.04 LTS and other GNOME-based distributions that include Yelp version 42.1 or later. Given the widespread use of GNOME environments, a significant number of Linux desktop users are potentially at risk.
Mitigation Recommendations
To protect against this vulnerability, users and administrators should take the following steps:
1. Avoid Untrusted Links:
Refrain from clicking on `ghelp://` URIs from unverified or untrusted sources.
2. Patch Management:
Monitor official channels from GNOME and Ubuntu for updates. As of April 8, 2025, no official patches have been released, though proposed fixes are under review.
3. Network Segmentation:
Implement network segmentation to restrict external access to systems running vulnerable versions of Yelp.
4. User Education:
Educate users about the risks associated with clicking on unfamiliar links and downloading files from untrusted sources.
5. Endpoint Monitoring:
Deploy endpoint monitoring solutions to detect and respond to suspicious activities related to this vulnerability.
Conclusion
The discovery of CVE-2025-3155 underscores the importance of secure XML processing and cautious handling of custom URI schemes within Linux desktop environments. While exploiting this vulnerability requires user interaction, the combination of social engineering tactics and technical exploitation presents a significant threat. Until official patches are available, users and administrators must remain vigilant, implementing the recommended mitigations to safeguard sensitive information from potential exfiltration.