SB2025101754 - Ubuntu update for mupdf

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025101754

SB2025101754 - Ubuntu update for mupdf

Published: October 17, 2025

Security Bulletin ID SB2025101754
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 38% Medium 63%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Memory leak (CVE-ID: CVE-2018-1000036)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak. A remote attacker can force the application to leak memory and perform denial of service attack.


2) Infinite loop (CVE-ID: CVE-2018-10289)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.


3) Buffer overflow (CVE-ID: CVE-2018-16647)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.


4) Input validation error (CVE-ID: CVE-2018-16648)

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (segmentation fault) via a crafted pdf file.


5) Use-after-free (CVE-ID: CVE-2020-21896)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the svg_dev_text_span_as_paths_defs() function in source/fitz/svg-device.c when handling PDF files. A remote attacker can pass specially crafted input to the application and compromise the affected system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


6) Memory leak (CVE-ID: CVE-2020-26683)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak pdf_new_array() in /pdf/pdf-font-add.c. A remote attacker can force the application to leak memory and perform denial of service attack.


7) Double Free (CVE-ID: CVE-2021-3407)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


8) Out-of-bounds write (CVE-ID: CVE-2021-37220)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in the cached color converter. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.


Remediation

Install update from vendor's website.

References