| Summary: | app-text/xpdf: multiple vulnerabilities ("fixed in next release") | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | CONFIRMED --- | ||
| Severity: | minor | CC: | bircoph, maintainer-needed |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://forum.xpdfreader.com/viewtopic.php?f=3&t=42261 | ||
| Whiteboard: | B3 [upstream] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
John Helmert III
2022-05-16 16:39:56 UTC
CVE-2022-30775 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42264): xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option. Both "fixed in the next release" as of May, so not in 4.04. CVE-2022-38928 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421): XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393. CVE-2022-38222 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42320): There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. CVE-2022-41843 (https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421): https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344 An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. These too "fixed in next release". |