PT-2020-5551 · Artifex+6 · Ghostscript+6

Suhwan

Published

2020-08-13

Updated

2022-06-29

CVE-2020-16303

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GhostScript versions 9.50

Description A use-after-free issue in the xps finish image path() function allows a remote attacker to escalate privileges via a crafted PDF file. This issue may impact the confidentiality, integrity, and availability of protected information.

Recommendations For GhostScript version 9.50, update to version 9.51 to resolve the issue.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2021:1852

BDU:2021-01150

CESA-2021_1852

CVE-2020-16303

DLA-2335-1

DSA-4748-1

MGASA-2020-0344

RHSA-2021:1852

RHSA-2021_1852

RLSA-2021:1852

USN-4469-1

Affected Products

Almalinux

Centos

Ghostscript

Linuxmint

Red Hat

Rocky Linux

Ubuntu

PT-2020-5551 · Artifex+6 · Ghostscript+6

CVE-2020-16303

Weakness Enumeration

Related Identifiers

Affected Products

References · 115