SB2023090211 - openEuler update for poppler

Main Vulnerability Database SB2023090211

SB2023090211 - openEuler update for poppler

Published: September 2, 2023

Security Bulletin ID SB2023090211

Severity

Medium

Patch available

YES

Number of vulnerabilities 6

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Uncontrolled recursion (CVE-ID: CVE-2020-23804)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion in pdfinfo and pdftops. A remote attacker can pass a specially crafted document to application and perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2022-37050)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the PDFDoc::savePageAs() function in PDFDoc.c. A remote attacker can trick the victim to open a specially crafted PDF file and perform a denial of service (DoS) attack.

Note, the vulnerability exists due to incomplete patch for #VU16830 (CVE-2018-20662).

3) Reachable Assertion (CVE-ID: CVE-2022-37051)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in pdfunite.cc. A remote attacker can trick the victim to open a specially crafted PDF file and crash the application.

4) Reachable Assertion (CVE-ID: CVE-2022-37052)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in Object::getString(). A remote attacker can trick the victim to open a specially crafted file and crash the application.

5) Reachable Assertion (CVE-ID: CVE-2022-38349)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the PDFDoc::replacePageDict() function in PDFDoc.cc. A remote attacker can trick the victim to open a specially crafted PDF file and crash the application.

6) Input validation error (CVE-ID: CVE-2018-20662)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a wrong return value from PDFDoc::setup when an xref data structure is mishandled during extractPDFSubtype processing. A remote attacker can trick the victim into opening a specially crafter PDF file cause application crash by Object.h SIGABRT.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1561

Vulnerable Software

openEuler: 20.03 LTS SP1 - 22.03 LTS SP1
poppler-glib-doc: before 0.90.0-4
poppler-help: before 0.90.0-4
poppler-debuginfo: before 0.90.0-4
poppler-cpp: before 0.90.0-4
poppler-utils: before 0.90.0-4
poppler-debugsource: before 0.90.0-4
poppler-glib: before 0.90.0-4
poppler-devel: before 0.90.0-4
poppler-glib-devel: before 0.90.0-4
poppler-qt5: before 0.90.0-4
poppler-qt5-devel: before 0.90.0-4
poppler-cpp-devel: before 0.90.0-4
poppler: before 0.90.0-4