CVE-2017-6196

Priority
Description
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function
in base/gxipixel.c in Ghostscript before
ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a
denial of service (application crash) or possibly have unspecified other
impact via a crafted PostScript document.
Notes
sbeattiePoC in bug report
mdeslaurintroduced by http://git.ghostscript.com/?p=ghostpdl.git;h=cffb5712bc10c2c2f46adf311fc74aaae74cb784
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [9.10~dfsg-0ubuntu10.6])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (9.18~dfsg~0-0ubuntu2.3)
Patches:
Upstream:http://git.ghostscript.com/?p=ghostpdl.git;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
More Information

Updated: 2020-09-10 05:40:28 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)