CVE-2024-46952

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions prior to 10.04.0

Description A buffer overflow issue exists in the pdf/pdf xref.c file of Artifex Ghostscript, related to the handling of a PDF XRef stream and W array values. This issue can be exploited by a remote attacker, potentially affecting the confidentiality, integrity, and availability of protected information when processing specially crafted PDF documents.

Recommendations For Artifex Ghostscript versions prior to 10.04.0, update to version 10.04.0 or later to resolve the issue. As a temporary workaround, consider restricting the handling of PDF XRef streams to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

ALSA-2025:4362

ALSA-2025:7422

BDU:2024-09289

CESA-2025_4362

CVE-2024-46952

DSA-5808-1

INFSA-2025_4362

INFSA-2025_7422

MGASA-2024-0326

OESA-2024-2355

OESA-2024-2357

OESA-2024-2358

OESA-2024-2359

OPENSUSE-SU-2024:14423-1

RHSA-2025:4362

RHSA-2025:7422

RHSA-2025:7499

RHSA-2025_4362

RHSA-2025_7422

USN-7103-1

Affected Products

Almalinux

Artifex Ghostscript

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

CVE-2024-46952

Weakness Enumeration

Related Identifiers

Affected Products

References · 77