Description
Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.
A flaw was found in Ghostscript. The pdf_base_font_alloc function used by the pdfwrite device will use a hexadecimal pointer representation for the constructed BaseFont name if the input name is empty. This flaw allows an attacker to obtain this pointer value by reading back the output file after writing to a temporary writable and readable location.
Report
The vulnerability in Ghostscript's pdf_base_font_alloc function represents a moderate severity issue rather than an important one due to the nature of the exposed information. While the hexadecimal pointer representation of the BaseFont name can be read from the output file, it does not directly reveal sensitive data such as user credentials or confidential content. Instead, the pointer value may offer insights into the memory layout or internal data structures, which, although potentially useful for further exploitation, require additional steps and context to leverage effectively.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 10 | ghostscript | Not affected | | |
Red Hat Enterprise Linux 6 | ghostscript | Out of support scope | | |
Red Hat Enterprise Linux 7 | ghostscript | Out of support scope | | |
Red Hat Enterprise Linux 8 | ghostscript | Not affected | | |
Red Hat Enterprise Linux 8 | gimp:flatpak/ghostscript | Not affected | | |
Red Hat Enterprise Linux 9 | ghostscript | Will not fix | | |
Additional information
Status:
4.4 Medium
CVSS3