PublicDateAtUSN: 2020-08-13 03:15:00 UTC
Candidate: CVE-2020-16291
PublicDate: 2020-08-13 03:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16291
 https://ubuntu.com/security/notices/USN-4469-1
Description:
 A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software
 GhostScript v9.50 allows a remote attacker to cause a denial of service via
 a crafted PDF file. This is fixed in v9.51.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 https://bugs.ghostscript.com/show_bug.cgi?id=701787
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM]


Patches_ghostscript:
 upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6
upstream_ghostscript: released (9.51~dfsg-1)
precise/esm_ghostscript: DNE
trusty_ghostscript: ignored (out of standard support)
trusty/esm_ghostscript: DNE
xenial_ghostscript: not-affected (code not present)
esm-infra/xenial_ghostscript: not-affected (code not present)
bionic_ghostscript: released (9.26~dfsg+0-0ubuntu0.18.04.13)
focal_ghostscript: released (9.50~dfsg-5ubuntu4.2)
devel_ghostscript: not-affected (9.51~dfsg-1)