Ubuntu update for ghostscript
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 9 |
| CVE-ID | CVE-2018-5727 CVE-2020-27814 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842 CVE-2020-27843 CVE-2020-27845 CVE-2020-6851 CVE-2020-8112 |
| CWE-ID | CWE-190 CWE-122 CWE-119 CWE-476 CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system libgs9 (Ubuntu package) Operating systems & Components / Operating system package or component ghostscript (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
1) Integer overflow
EUVDB-ID: #VU37631
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5727
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Heap-based buffer overflow
EUVDB-ID: #VU49185
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27814
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in lib/openjp2/mqc.c. A remote attacker can pass specially crafted image to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU49184
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27824
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing graphic files in lib/openjp2/dwt.c. A remote attacker can create a specially crafted image, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer overflow
EUVDB-ID: #VU49183
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27841
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted image to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) NULL pointer dereference
EUVDB-ID: #VU50018
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27842
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in openjpeg's t2 encoder in versions prior to 2.4.0. A remote attacker can pass specially crafted image to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU50019
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27843
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted image, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Heap-based buffer overflow
EUVDB-ID: #VU49181
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27845
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in lib/openjp2/pi.c. A remote attacker can pass specially crafted image, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Heap-based buffer overflow
EUVDB-ID: #VU24306
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-6851
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the opj_t1_clbl_decode_processor() function in libopenjp2.so. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Heap-based buffer overflow
EUVDB-ID: #VU25546
Risk: Medium
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8112
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the the qmfbid==1 case, a different issue than CVE-2020-6851. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package ghostscript to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 18.04
libgs9 (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
ghostscript (Ubuntu package): before 9.26~dfsg+0-0ubuntu0.18.04.14
External linkshttp://ubuntu.com/security/notices/USN-4686-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
