PT-2022-7198 · Ghostpcl+3 · Ghostpcl+3

Patchkey

Published

2022-04-12

Updated

2022-04-23

CVE-2022-1350

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GhostPCL version 9.55.0 Ghostscript version 9.55.0

Description A problematic vulnerability was found in the function chunk free object of the file gsmchunk.c. This issue is related to a buffer overflow. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction.

Recommendations For GhostPCL version 9.55.0, apply the patches to fix this issue. For Ghostscript version 9.55.0, apply the patches to fix this issue. As a temporary workaround, consider disabling the chunk free object function until a patch is available.

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

BDU:2023-09081

CVE-2022-1350

Affected Products

Astra Linux

Debian

Ghostpcl

Ghostscript

PT-2022-7198 · Ghostpcl+3 · Ghostpcl+3

CVE-2022-1350

Weakness Enumeration

Related Identifiers

Affected Products

References · 15