CVE-2025-27834

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Debian Linux (affected versions not specified) ghostscript (affected versions not specified)

Description The issue is caused by a buffer overflow resulting from an oversized Type 4 function in a PDF. It is also related to package vulnerabilities in ghostscript in Debian Linux.

Recommendations For Debian Linux, update the ghostscript package to a version that is not affected by this issue. For ghostscript, consider restricting the processing of PDFs with oversized Type 4 functions until a patch is available.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALT-PU-2025-8484

ALT-PU-2025-9591

BDU:2025-03704

CVE-2025-27834

DSA-5888-1

MGASA-2025-0098

OESA-2025-1358

OESA-2025-1359

OESA-2025-1360

OESA-2025-1362

OPENSUSE-SU-2025:14953-1

USN-7378-1

Affected Products

Alt Linux

Astra Linux

Debian

Linuxmint

Red Os

Ubuntu

Ghostscript

CVE-2025-27834

Weakness Enumeration

Related Identifiers

Affected Products

References · 65