All errata/c10f2/ALT-PU-2024-7064-3
ALT-PU-2024-7064-3

Package update ghostscript in branch c10f2

Version10.01.1-alt2
Task#345759
Published2024-04-27
Max severityCRITICAL
Severity:

Closed issues (5)

BDU:2022-00147
MEDIUM5.5

Уязвимость реализации функции sampled_data_finish() набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2022-01-12Modified: 2024-06-04
CVSS 3.xMEDIUM 5.5
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.0MEDIUM 4.9
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C
References
BDU:2023-02055
CRITICAL9.8

Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

Published: 2023-04-13Modified: 2025-03-19
CVSS 3.xCRITICAL 9.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2021-3781
CRITICAL9.9

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Published: 2022-02-16Modified: 2024-11-21
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 3.xCRITICAL 9.9
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
CVE-2021-45949
MEDIUM5.5

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Published: 2022-01-01Modified: 2024-11-21
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2023-28879
CRITICAL9.8

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.

Published: 2023-03-31Modified: 2025-02-14
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References

Closed bugs (1)

Bug #46986

Артефакты генерации postscript, отсутствие текста на тестовой странице CUPS