CVE-2018-16802
Published: 10 September 2018
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.
Priority
Status
Package | Release | Status |
---|---|---|
ghostscript Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
xenial |
Released
(9.18~dfsg~0-0ubuntu2.9)
|
|
bionic |
Released
(9.22~dfsg+1-0ubuntu1.2)
|
|
trusty |
Released
(9.10~dfsg-0ubuntu10.13)
|
|
Patches: upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5812b1b78fc4d36fdc293b7859de69241140d590 upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e914f1da46e33decc534486598dc3eadf69e6efb upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6 upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.8 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |