
Bug 812509 (CVE-2021-3781)

Summary: <app-text/ghostscript-gpl-9.54.0-r1: arbitrary code execution vulnerability (CVE-2021-3781)
Product: Gentoo Security
Reporter: Alexander Sergeyev <sergeev917>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS ---
Severity: major
CC: codec, hanno, printing
Priority: Normal
Keywords: PullRequest
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugs.ghostscript.com/show_bug.cgi?id=704342
See Also: https://github.com/gentoo/gentoo/pull/23715
Whiteboard: A2 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 796659    
Bug Blocks:    

Description Alexander Sergeyev 2021-09-11 07:03:38 UTC
The bug description can be found at $URL. A commit with a fix is available at [1].

[1] https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a9bd3dec9fde03327a4a2c69dad1036bf9632e20

Reproducible: Always

Steps to Reproduce:
Refer to the $URL for details.
Actual Results:  
With a specially crafted input, gs runs arbitrary shell commands.

Expected Results:  
The input should have been properly sanitized.
Comment 1 Larry the Git Cow gentoo-dev 2021-09-13 00:54:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eeb37a3981b77ed60be7975287e1a503375fa493

commit eeb37a3981b77ed60be7975287e1a503375fa493
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-09-13 00:53:50 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-09-13 00:54:18 +0000

    app-text/ghostscript-gpl: patch CVE-2021-3781
    
    Bug: https://bugs.gentoo.org/812509
    Signed-off-by: Sam James <sam@gentoo.org>

 .../ghostscript-gpl-9.54.0-CVE-2021-3781.patch     | 213 +++++++++++++++++++++
 .../ghostscript-gpl-9.54.0-r1.ebuild               | 191 ++++++++++++++++++
 2 files changed, 404 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-10-20 06:59:35 UTC
Needs cleanup.
Comment 3 Larry the Git Cow gentoo-dev 2022-01-15 14:15:09 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=215fe07aa9dba7d2732a8a62836f7493927ccbbb

commit 215fe07aa9dba7d2732a8a62836f7493927ccbbb
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2022-01-15 12:37:10 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2022-01-15 14:14:59 +0000

    app-text/ghostscript-gpl: Cleanup vulnerable 9.52-r1, 9.53.3-r5, 9.54.0
    
    Bug: https://bugs.gentoo.org/812509
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 app-text/ghostscript-gpl/Manifest                  |   4 -
 .../files/ghostscript-gpl-9.53.3-fix-ps2epsi.patch |  16 --
 .../ghostscript-gpl-9.53.3-freetype-2.10.3.patch   |  20 ---
 .../ghostscript-gpl/ghostscript-gpl-9.52-r1.ebuild | 197 ---------------------
 .../ghostscript-gpl-9.53.3-r5.ebuild               | 196 --------------------
 .../ghostscript-gpl/ghostscript-gpl-9.54.0.ebuild  | 189 --------------------
 6 files changed, 622 deletions(-)