Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 655404 (CVE-2018-10194)

Summary: <app-text/ghostscript-gpl-9.25: Stack-based out-of-bounds write in pdf_set_text_matrix function in gdevpdts.c (CVE-2018-10194)
Product: Gentoo Security Reporter: Ian Zimmerman <nobrowser>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [glsa+ cve]
Package list:
Runtime testing required: ---
Bug Depends on: 635426    
Bug Blocks:    

Description Ian Zimmerman 2018-05-10 15:59:34 UTC 
According to this posting [1] in oss-security:

The set_text_distance function in devices/vector/gdevpdts.c in the
pdfwrite component in Artifex Ghostscript through 9.22 does not prevent
overflows in text-positioning calculation, which allows remote attackers
to cause a denial of service (application crash) or possibly have
unspecified other impact via a crafted PDF document.

Upstream bug is in [2], but not publicly accessible, it seems.

[1]
http://www.openwall.com/lists/oss-security/2018/04/19/5

[2]
https://bugs.ghostscript.com/show_bug.cgi?id=699255
Comment 1 Teika kazura 2018-09-20 23:51:42 UTC 
This upstream commit [1] fixes this bug (i.e. upstream 699255), which is included in 9.25.

[1] http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2018-11-24 19:49:36 UTC 
This issue was resolved and addressed in
 GLSA 201811-12 at https://security.gentoo.org/glsa/201811-12
by GLSA coordinator Aaron Bauman (b-man).