PT-2018-2295 · Artifex+5 · Artifex Ghostscript+5

Tavis Ormandy

Published

2018-08-21

Updated

2024-06-15

CVE-2018-16509

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 9.24

Description An issue in Artifex Ghostscript allows attackers to execute code using the "pipe" instruction by supplying crafted PostScript, due to incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions. This could enable a remote attacker to load specially crafted PostScript code and, as a result, execute arbitrary code.

Recommendations For versions prior to 9.24, update to version 9.24 or later to resolve the issue. As a temporary workaround, consider restricting the use of the "pipe" instruction in crafted PostScript code until a patch is applied.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

ALSA-2021_1852

ALT-PU-2018-2799

BDU:2019-00422

CESA-2018_2918

CESA-2018_3760

CVE-2018-16509

DLA-1504-1

DSA-4294-1

ELSA-2018-2918

ELSA-2018-3760

MGASA-2018-0378

OPENSUSE-SU-2018_3036-1

OPENSUSE-SU-2018_3038-1

OPENSUSE-SU-2024:10783-1

RHSA-2018:2918

RHSA-2018:3760

RHSA-2018_2918

RHSA-2018_3760

SUSE-SU-2018:2975-1

SUSE-SU-2018:2975-2

SUSE-SU-2018:2975-3

SUSE-SU-2018:2976-1

SUSE-SU-2018:3330-1

SUSE-SU-2018_2975-1

SUSE-SU-2018_2975-2

SUSE-SU-2018_2975-3

SUSE-SU-2018_2976-1

SUSE-SU-2018_3330-1

USN-3768-1

Affected Products

Alt Linux

Artifex Ghostscript

Centos

Red Hat

Suse

Ubuntu

PT-2018-2295 · Artifex+5 · Artifex Ghostscript+5

CVE-2018-16509

Weakness Enumeration

Related Identifiers

Affected Products

References · 132