PublicDateAtUSN: 2018-10-15
Candidate: CVE-2018-18073
PublicDate: 2018-10-15 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18073
 https://www.openwall.com/lists/oss-security/2018/10/10/12
 https://ubuntu.com/security/notices/USN-3803-1
Description:
 Artifex Ghostscript allows attackers to bypass a sandbox protection
 mechanism by leveraging exposure of system operators in the saved execution
 stack in an error object.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.chromium.org/p/project-zero/issues/detail?id=1690
 https://bugs.ghostscript.com/show_bug.cgi?id=699927
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910758
Priority: medium
Discovered-by: Tavis Ormandy
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N [6.3 MEDIUM]
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N [6.3 MEDIUM]


Patches_ghostscript:
 upstream: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=34cc326eb2c5695833361887fe0b32e8d987741c
upstream_ghostscript: needs-triage
precise/esm_ghostscript: DNE
trusty_ghostscript: released (9.25~dfsg+1-0ubuntu0.14.04.2)
trusty/esm_ghostscript: DNE (trusty was released [9.25~dfsg+1-0ubuntu0.14.04.2])
xenial_ghostscript: released (9.25~dfsg+1-0ubuntu0.16.04.2)
esm-infra/xenial_ghostscript: released (9.25~dfsg+1-0ubuntu0.16.04.2)
bionic_ghostscript: released (9.25~dfsg+1-0ubuntu0.18.04.2)
cosmic_ghostscript: released (9.25~dfsg+1-0ubuntu1.1)
devel_ghostscript: released (9.25~dfsg+1-0ubuntu1.1)