Описание
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 9.26~dfsg+0-0ubuntu0.18.04.16 |
| devel | not-affected | 9.56.1~dfsg1-0ubuntu3 |
| esm-infra/bionic | not-affected | 9.26~dfsg+0-0ubuntu0.18.04.16 |
| esm-infra/focal | not-affected | 9.50~dfsg-5ubuntu4.5 |
| esm-infra/xenial | not-affected | |
| focal | not-affected | 9.50~dfsg-5ubuntu4.5 |
| impish | ignored | end of life |
| jammy | released | 9.55.0~dfsg1-0ubuntu5.1 |
| kinetic | not-affected | 9.56.1~dfsg1-0ubuntu3 |
| upstream | released | 9.56.0~dfsg-1 |
Показывать по
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.
A NULL pointer dereference vulnerability was found in Ghostscript, whi ...
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.
4.3 Medium
CVSS2
5.5 Medium
CVSS3