PT-2023-3318 · Artifex+8 · Artifex Ghostscript+8

Published: 2023-06-25 · Updated: 2025-05-13 · CVE-2023-36664

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions 10.01.2 and earlier

Description: The issue arises from mishandled permission validation for pipe devices, specifically those with the %pipe% prefix or the | pipe character prefix. This can lead to command injection, allowing an attacker to execute arbitrary code. There have been reports of this issue being exploited in real-world incidents, with attackers using manipulated files to execute code remotely. The estimated number of potentially affected devices is not specified.

Recommendations: For Artifex Ghostscript versions 10.01.2 and earlier, update to a version later than 10.01.2 to resolve the issue. As a temporary workaround, consider restricting access to the | pipe character prefix and the %pipe% prefix in pipe devices to minimize the risk of exploitation. Additionally, avoid using untrusted input in Ghostscript to prevent command injection attacks.

Exploit

Fix

Weakness Enumeration

Files Accessible to External Parties
OS Command Injection

Related Identifiers

ALSA-2023:5459
ALSA-2023_5459
ALSA-2023_6265
ALSA-2023_6544
ALSA-2023_6732
ALSA-2023_7053
ALSA-2024_3999
ALSA-2024_4000
ALSA-2024_6197
ALSA-2025_4362
ALSA-2025_7422
ALT-PU-2024-13477
ALT-PU-2024-14136
ALT-PU-2024-14302
BDU:2023-03466
CVE-2023-36664
DSA-5446-1
ELSA-2023-5459
MGASA-2023-0260
OESA-2023-1604
OESA-2023-1605
OESA-2023-1606
OESA-2023-1607
OPENSUSE-SU-2024:13036-1
RHSA-2023:4324
RHSA-2023:5459
RHSA-2023_5459
RLSA-2023:5459
RLSA-2023_5459
ROSA-SA-2023-2318
SUSE-SU-2023:2829-1
SUSE-SU-2023:2844-1
SUSE-SU-2023_2829-1
SUSE-SU-2023_2844-1
USN-6213-1

Affected Products

Alt Linux
Almalinux
Artifex Ghostscript
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu