CVE-2017-9406 in Ubuntu

CVE-2017-9406

Priority

Description

In Poppler 0.54.0, a memory leak vulnerability was found in the function
gmalloc in gmem.cc, which allows attackers to cause a denial of service via
a crafted file.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
https://usn.ubuntu.com/usn/usn-3350-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010
https://bugs.freedesktop.org/show_bug.cgi?id=100775

Assigned-to

mdeslaur

Package

Source: poppler (LP Ubuntu Debian)

Upstream:	released (0.55)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (0.24.5-2ubuntu4.5)
Ubuntu 16.04 LTS (Xenial Xerus):	released (0.41.0-0ubuntu1.2)

Patches:

Upstream:

https://cgit.freedesktop.org/poppler/poppler/commit/?id=278439531b13b0b047dbe3a75aa3f1b3407c8bd4

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-01-14 22:31:03 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)