Yelp is the default help browser in GNOME-based Linux distributions, including widely used systems such as Ubuntu, Fedora and Debian etc. It is responsible for rendering help documentation written in the Mallard XML format and integrates tightly with the desktop environment via the ghelp:// URI scheme. This integration allows applications and users to open help topics directly using protocol links, making Yelp a core utility for accessing user guides and documentation.
A vulnerability was recently discovered in Yelp that allows it to process specially crafted help documents in unsafe ways. This flaw, identified as CVE-2025-3155, can be exploited to execute arbitrary scripts embedded within help files, potentially leading to the exposure of sensitive user data to external systems.
Vulnerability Overview
CVE-2025-3155 is a vulnerability in Yelp, the GNOME help browser, related to its handling of help documents written in the Mallard XML format.
An attacker can craft a malicious .page file that uses XInclude to embed the contents of arbitrary local files—such as /etc/passwd or private SSH keys—directly into the displayed help content. If the user opens this file in Yelp, the referenced file is read and rendered within the interface, leading to local file disclosure.
An attacker may also embed SVG elements containing JavaScript within the crafted help file. When processed by Yelp, these scripts can be executed as part of the rendering process, enabling the exfiltration of included file content to an external server. The vulnerability affects Yelp versions up to 42.1 and has been confirmed on GNOME-based distributions such as Ubuntu 22.04.
Attack Flow
The exploitation of CVE-2025-3155 involves delivering a malicious Mallard .page help file to the victim and leveraging Yelp’s behaviour to access and potentially leak sensitive local files. The process can be broken down into the following steps:
Craft and Host the Malicious File
The attacker creates a malicious .page file containing an XInclude directive to reference sensitive local files and embeds SVG-based JavaScript for exfiltration. This file is then hosted on a web page under the attacker’s control.
Placing the File on the Victim’s System
Through social engineering or a drive-by download technique, the attacker delivers the crafted file to a user-writable directory on the victim’s system.
Trigger Yelp via the ghelp URI Scheme
The attacker leads the victim to a crafted ghelp:// link that references the previously downloaded malicious page file. When accessed, Yelp opens the file for processing.
Yelp Processes and Exfiltrates Content
When Yelp opens the page file, it processes the XInclude directive and reads content from the specified local files. In an attack scenario where the file contains embedded SVG scripting, the extracted data can be exfiltrated to an attacker-controlled server.
Real-World Consequences
CVE-2025-3155 highlights a significant weakness in how user-facing applications like Yelp process local help content. This flaw has the potential to enable attackers to exfiltrate sensitive user files such as SSH private keys or password stores. In targeted environments, such as hospitality, entertainment, or enterprise Linux workstations, exploitation of this vulnerability could:
- Lead to unauthorized access to confidential files and credentials.
- Serve as an early-stage foothold for lateral movement in broader attack campaigns.
- Facilitate deployment of backdoors or data-stealing malware.
- Precede or support larger cyberattacks carried out by advanced threat actors.
Evidence from recent cyber threat reports suggests this vulnerability has already been leveraged by threat groups in targeted industries.
Countermeasures for CVE-2025-3155
To safeguard Linux systems and users against exploitation of this vulnerability, the following countermeasures are strongly recommended:
Update Yelp Immediately: Ensure Yelp is updated to version 42.2 or later, where the vulnerability is patched.
Restrict ghelp:// URI Usage: Avoid launching help files from untrusted sources or links. Consider limiting the exposure of ghelp:// handlers via URI sandboxing or policy enforcement.
Harden File Access Permissions: Limit read permissions for sensitive files like ~/.ssh/id_rsa and other secrets. Regularly audit user permissions and use encrypted key storage wherever possible.
Monitor Yelp Behaviour: Although monitoring is not a primary mitigation, security teams may choose to audit Yelp usage for post-exploitation indicators. Abnormal patterns—such as Yelp accessing sensitive files or initiating network connections—could signal an attempted abuse of the vulnerability. This should be used as part of broader endpoint visibility, not as a standalone defence.
Educate End Users: Inform users about the risks of opening help files from unknown sources and recognize spoofed support documentation. Implement awareness campaigns that treat .page files as potentially harmful.
By combining patch management with proactive monitoring and user education, organizations can mitigate the risks posed by CVE-2025-3155 and prevent it from being used as a stepping stone in larger attack chains.
Conclusion
CVE-2025-3155 demonstrates how functionality intended for local documentation rendering can become a vector for unintended data exposure. By leveraging features like XInclude and URI-based invocation, an attacker can craft a low-interaction exploitation chain capable of disclosing sensitive files and exfiltrating them without explicit user consent. This case underscores the importance of strict content handling in local applications and reinforces the need for timely updates and user vigilance against unfamiliar file types and protocol-driven links.
References:
https://gitlab.gnome.org/GNOME/yelp/-/issues/221
Authors:
Vinay Kumar
Adrip Mukherjee
