Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 942639 (CVE-2024-46951, CVE-2024-46952, CVE-2024-46953, CVE-2024-46954, CVE-2024-46955, CVE-2024-46956)

Summary: <app-text/ghostscript-gpl-10.04.0: Multiple vulnerabilities
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: normal CC: alexander, codec, printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa+ cleanup]
Package list:
Runtime testing required: ---
Bug Depends on: 945129    
Bug Blocks:    

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-11-01 07:11:51 UTC 
From https://www.ghostscript.com/ and https://ghostscript.readthedocs.io/en/gs10.04.0/News.html:
"""
September 18, 2024: Ghostscript/GhostPDL 10.04.0 release fixes: CVE-2024-46951, CVE-2024-46952, CVE-2024-46953, CVE-2024-46954, CVE-2024-46955 and CVE-2024-46956.
"""
Comment 1 Larry the Git Cow gentoo-dev 2024-11-01 07:13:55 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9d34845b91de4df6d8b352c2bd0e317a5a85cfdb

commit 9d34845b91de4df6d8b352c2bd0e317a5a85cfdb
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-11-01 07:10:57 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-11-01 07:13:18 +0000

    app-text/ghostscript-gpl: add 10.04.0
    
    Bug: https://bugs.gentoo.org/942639
    Signed-off-by: Sam James <sam@gentoo.org>

 app-text/ghostscript-gpl/Manifest                  |   2 +
 .../ghostscript-gpl/ghostscript-gpl-10.04.0.ebuild | 198 +++++++++++++++++++++
 2 files changed, 200 insertions(+)
Comment 2 Hans de Graaff gentoo-dev Security 2024-11-17 08:14:01 UTC 
CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.


CVE-2024-46952

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).


CVE-2024-46953

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.


CVE-2024-46954
Undergoing Reanalysis

An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.


CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.


CVE-2024-46956

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
Comment 3 Larry the Git Cow gentoo-dev 2025-01-23 06:18:44 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=d9a62f6edb668bbc647f3d18731071bb283adf14

commit d9a62f6edb668bbc647f3d18731071bb283adf14
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2025-01-23 06:18:34 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2025-01-23 06:18:42 +0000

    [ GLSA 202501-06 ] GPL Ghostscript: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/942639
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202501-06.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)