Description
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
A flaw was found in Ghostscript. The PDFDEBUG flag controls the value of ctx->args.debug. In pdfi_apply_filter, this issue enables the execution of a memcpy into a stack buffer without bounds checks. A filter name larger than 100 will overflow the str buffer, which may lead to an application crash or other unexpected behavior.
Statement
The buffer overflow vulnerability in Ghostscript's pdfi_apply_filter function, triggered by the PDFDEBUG flag, is classified as a moderate severity issue rather than high priority. This classification stems from the fact that the overflow affects a stack buffer (str) with a fixed size and is specifically related to debug information. While such an overflow could potentially lead to crashes or undefined behavior, its exploitation is constrained to scenarios where an attacker can control the PDFDEBUG flag and provide a filter name exceeding 100 characters. The specific conditions required for triggering the overflow limit its immediate risk compared to vulnerabilities with broader attack vectors or those impacting more critical components. Furthermore, this issue's impact is primarily confined to the application's stability and does not directly enable arbitrary code execution or escalate privileges without additional context.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | ghostscript | Not affected | ||
| Red Hat Enterprise Linux 6 | ghostscript | Out of support scope | ||
| Red Hat Enterprise Linux 7 | ghostscript | Out of support scope | ||
| Red Hat Enterprise Linux 8 | ghostscript | Not affected | ||
| Red Hat Enterprise Linux 8 | gimp:flatpak/ghostscript | Not affected | ||
| Red Hat Enterprise Linux 9 | ghostscript | Will not fix | ||
Additional information
CVSS3: 5.4 Medium
Related vulnerabilities
A vulnerability in the pdfi_apply_filter() function of the Ghostscript software suite for processing, converting and generating documents, which allows an attacker to execute arbitrary code, cause a denial of service, or gain full control of the application