Debian update for ghostscript



Published: 2018-11-28
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2018-19409
CVE-2018-19475
CVE-2018-19476
CVE-2018-19477
CWE-ID CWE-264
CWE-20
CWE-843
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Debian Linux
Operating systems & Components / Operating system

Vendor Debian

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU16020

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19409

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The vulnerability exists due to improper checks of the LockSafetyParams device parameter if another device is used as the top device. A local attacker can make a .setdevice call and bypass security restrictions If another device, such as the pdf14 compositor, is the top device on the system.

Mitigation

Update the affected package to version: 9.26~dfsg-0+deb9u1

Vulnerable software versions

Debian Linux: All versions

External links

http://www.debian.org/security/2018/dsa-4346


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Security restrictions bypass

EUVDB-ID: #VU16071

Risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19475

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to the psi/zdevice2.c source code file fails to check available stack space. A remote unauthenticated attacker can trick the victim into accessing a PostScript file that submits malicious input to bypass the security access restrictions on the targeted system, which could be used to conduct further attacks.

Mitigation

Update the affected package to version: 9.26~dfsg-0+deb9u1

Vulnerable software versions

Debian Linux: All versions

External links

http://www.debian.org/security/2018/dsa-4346


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Type confusion

EUVDB-ID: #VU16073

Risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19476

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to a setcolorspace type confusion condition in the psi/zicc.c source code file. A remote unauthenticated attacker can trick the victim into accessing a PostScript file that submits malicious input to bypass the security access restrictions on the targeted system, which could be used to conduct further attacks.

Mitigation

Update the affected package to version: 9.26~dfsg-0+deb9u1

Vulnerable software versions

Debian Linux: All versions

External links

http://www.debian.org/security/2018/dsa-4346


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Type confusion

EUVDB-ID: #VU16072

Risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19477

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to a JBIG2Decode type confusion condition in the psi/zfjbig2.csource code file. A remote unauthenticated attacker can trick the victim into accessing a PostScript file that submits malicious input to bypass the security access restrictions on the targeted system, which could be used to conduct further attacks.

Mitigation

Update the affected package to version: 9.26~dfsg-0+deb9u1

Vulnerable software versions

Debian Linux: All versions

External links

http://www.debian.org/security/2018/dsa-4346


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###