Buffer overflow in Ghostscript

#VU45844 Buffer overflow in Ghostscript

Published: 2020-08-13 | Updated: 2020-08-26

Vulnerability identifier: #VU45844

Vulnerability risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-16302

CWE-ID: CWE-120

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ghostscript
Universal components / Libraries / Libraries used by multiple products

Vendor: Artifex Software, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A buffer overflow vulnerability exists in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript. A remote attacker can trick the victim to open a specially crafted PDF file, trigger memory corruption and execute arbitrary code on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Ghostscript: 9.50

External links
http://bugs.ghostscript.com/show_bug.cgi?id=701815
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207
http://lists.debian.org/debian-lts-announce/2020/08/msg00032.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat Enterprise Linux 8 update for ghostscript

Buffer overflow in ghostscript (Alpine package)

Gentoo update for GPL Ghostscript

Debian update for ghostscript

Multiple vulnerabilities in Ghostscript