openEuler 24.03 LTS update for texlive-base

Published: 2024-08-23

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2023-46048 CVE-2023-46051
CWE-ID	CWE-476
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	openEuler Operating systems & Components / Operating system texlive-yplan Operating systems & Components / Operating system package or component texlive-xmltex Operating systems & Components / Operating system package or component texlive-xindex Operating systems & Components / Operating system package or component texlive-wordcount Operating systems & Components / Operating system package or component texlive-webquiz Operating systems & Components / Operating system package or component texlive-vpe Operating systems & Components / Operating system package or component texlive-urlbst Operating systems & Components / Operating system package or component texlive-ulqda Operating systems & Components / Operating system package or component texlive-typeoutfileinfo Operating systems & Components / Operating system package or component texlive-tpic2pdftex Operating systems & Components / Operating system package or component texlive-thumbpdf Operating systems & Components / Operating system package or component texlive-texsis Operating systems & Components / Operating system package or component texlive-texplate Operating systems & Components / Operating system package or component texlive-texosquery Operating systems & Components / Operating system package or component texlive-texloganalyser Operating systems & Components / Operating system package or component texlive-texliveonfly Operating systems & Components / Operating system package or component texlive-texlive.infra Operating systems & Components / Operating system package or component texlive-texlive-scripts-extra Operating systems & Components / Operating system package or component texlive-texlive-scripts Operating systems & Components / Operating system package or component texlive-texlive-en Operating systems & Components / Operating system package or component texlive-texfot Operating systems & Components / Operating system package or component texlive-texdoctk Operating systems & Components / Operating system package or component texlive-texdoc Operating systems & Components / Operating system package or component texlive-texdirflatten Operating systems & Components / Operating system package or component texlive-texdiff Operating systems & Components / Operating system package or component texlive-texdef Operating systems & Components / Operating system package or component texlive-texcount Operating systems & Components / Operating system package or component texlive-tex4ebook Operating systems & Components / Operating system package or component texlive-svn-multi Operating systems & Components / Operating system package or component texlive-sty2dtx Operating systems & Components / Operating system package or component texlive-srcredact Operating systems & Components / Operating system package or component texlive-splitindex Operating systems & Components / Operating system package or component texlive-rubik Operating systems & Components / Operating system package or component texlive-pythontex Operating systems & Components / Operating system package or component texlive-pygmentex Operating systems & Components / Operating system package or component texlive-purifyeps Operating systems & Components / Operating system package or component texlive-ptex2pdf Operating systems & Components / Operating system package or component texlive-ptex-fontmaps Operating systems & Components / Operating system package or component texlive-pst2pdf Operating systems & Components / Operating system package or component texlive-pst-pdf Operating systems & Components / Operating system package or component texlive-pmxchords Operating systems & Components / Operating system package or component texlive-pkfix-helper Operating systems & Components / Operating system package or component texlive-pkfix Operating systems & Components / Operating system package or component texlive-pfarrei Operating systems & Components / Operating system package or component texlive-petri-nets Operating systems & Components / Operating system package or component texlive-perltex Operating systems & Components / Operating system package or component texlive-pedigree-perl Operating systems & Components / Operating system package or component texlive-pdfxup Operating systems & Components / Operating system package or component texlive-pdftex-quiet Operating systems & Components / Operating system package or component texlive-pdflatexpicscale Operating systems & Components / Operating system package or component texlive-pdfjam Operating systems & Components / Operating system package or component texlive-pdfcrop Operating systems & Components / Operating system package or component texlive-pdfbook2 Operating systems & Components / Operating system package or component texlive-pax Operating systems & Components / Operating system package or component texlive-oberdiek Operating systems & Components / Operating system package or component texlive-musixtex Operating systems & Components / Operating system package or component texlive-multibibliography Operating systems & Components / Operating system package or component texlive-mptopdf Operating systems & Components / Operating system package or component texlive-mltex Operating systems & Components / Operating system package or component texlive-mkpic Operating systems & Components / Operating system package or component texlive-mkjobtexmf Operating systems & Components / Operating system package or component texlive-mkgrkindex Operating systems & Components / Operating system package or component texlive-mf2pt1 Operating systems & Components / Operating system package or component texlive-mex Operating systems & Components / Operating system package or component texlive-mathspic Operating systems & Components / Operating system package or component texlive-match_parens Operating systems & Components / Operating system package or component texlive-makedtx Operating systems & Components / Operating system package or component texlive-make4ht Operating systems & Components / Operating system package or component texlive-lyluatex Operating systems & Components / Operating system package or component texlive-lwarp Operating systems & Components / Operating system package or component texlive-luaotfload Operating systems & Components / Operating system package or component texlive-ltximg Operating systems & Components / Operating system package or component texlive-ltxfileinfo Operating systems & Components / Operating system package or component texlive-lollipop Operating systems & Components / Operating system package or component texlive-listings-ext Operating systems & Components / Operating system package or component texlive-listbib Operating systems & Components / Operating system package or component texlive-lilyglyphs Operating systems & Components / Operating system package or component texlive-latexpand Operating systems & Components / Operating system package or component texlive-latexindent Operating systems & Components / Operating system package or component texlive-latexfileversion Operating systems & Components / Operating system package or component texlive-latexdiff Operating systems & Components / Operating system package or component texlive-latex2nemeth Operating systems & Components / Operating system package or component texlive-latex2man Operating systems & Components / Operating system package or component texlive-latex-papersize Operating systems & Components / Operating system package or component texlive-latex-git-log Operating systems & Components / Operating system package or component texlive-latex Operating systems & Components / Operating system package or component texlive-l3build Operating systems & Components / Operating system package or component texlive-kotex-utils Operating systems & Components / Operating system package or component texlive-ketcindy Operating systems & Components / Operating system package or component texlive-jfmutil Operating systems & Components / Operating system package or component texlive-jadetex Operating systems & Components / Operating system package or component texlive-installfont Operating systems & Components / Operating system package or component texlive-glyphlist Operating systems & Components / Operating system package or component texlive-glossaries Operating systems & Components / Operating system package or component texlive-getmap Operating systems & Components / Operating system package or component texlive-fragmaster Operating systems & Components / Operating system package or component texlive-fontools Operating systems & Components / Operating system package or component texlive-fontinst Operating systems & Components / Operating system package or component texlive-findhyph Operating systems & Components / Operating system package or component texlive-fig4latex Operating systems & Components / Operating system package or component texlive-exceltex Operating systems & Components / Operating system package or component texlive-epstopdf Operating systems & Components / Operating system package or component texlive-epspdf Operating systems & Components / Operating system package or component texlive-eplain Operating systems & Components / Operating system package or component texlive-ebong Operating systems & Components / Operating system package or component texlive-dviinfox Operating systems & Components / Operating system package or component texlive-dviasm Operating systems & Components / Operating system package or component texlive-dtxgen Operating systems & Components / Operating system package or component texlive-dosepsbin Operating systems & Components / Operating system package or component texlive-diadia Operating systems & Components / Operating system package or component texlive-de-macro Operating systems & Components / Operating system package or component texlive-cyrillic Operating systems & Components / Operating system package or component texlive-ctanupload Operating systems & Components / Operating system package or component texlive-ctanify Operating systems & Components / Operating system package or component texlive-ctanbib Operating systems & Components / Operating system package or component texlive-ctan-o-mat Operating systems & Components / Operating system package or component texlive-csplain Operating systems & Components / Operating system package or component texlive-cslatex Operating systems & Components / Operating system package or component texlive-crossrefware Operating systems & Components / Operating system package or component texlive-convbkmk Operating systems & Components / Operating system package or component texlive-context Operating systems & Components / Operating system package or component texlive-cluttex Operating systems & Components / Operating system package or component texlive-clojure-pamphlet Operating systems & Components / Operating system package or component texlive-chklref Operating systems & Components / Operating system package or component texlive-checklistings Operating systems & Components / Operating system package or component texlive-checkcites Operating systems & Components / Operating system package or component texlive-cachepic Operating systems & Components / Operating system package or component texlive-bundledoc Operating systems & Components / Operating system package or component texlive-bibexport Operating systems & Components / Operating system package or component texlive-bib2gls Operating systems & Components / Operating system package or component texlive-authorindex Operating systems & Components / Operating system package or component texlive-attachfile2 Operating systems & Components / Operating system package or component texlive-arara Operating systems & Components / Operating system package or component texlive-amstex Operating systems & Components / Operating system package or component texlive-adhocfilelist Operating systems & Components / Operating system package or component texlive-accfonts Operating systems & Components / Operating system package or component texlive-a2ping Operating systems & Components / Operating system package or component texlive-xpdfopen Operating systems & Components / Operating system package or component texlive-xml2pmx Operating systems & Components / Operating system package or component texlive-xetex Operating systems & Components / Operating system package or component texlive-xdvi Operating systems & Components / Operating system package or component texlive-web Operating systems & Components / Operating system package or component texlive-vlna Operating systems & Components / Operating system package or component texlive-velthuis Operating systems & Components / Operating system package or component texlive-uptex Operating systems & Components / Operating system package or component texlive-ttfutils Operating systems & Components / Operating system package or component texlive-tikztosvg Operating systems & Components / Operating system package or component texlive-tie Operating systems & Components / Operating system package or component texlive-texware Operating systems & Components / Operating system package or component texlive-tex4ht Operating systems & Components / Operating system package or component texlive-tex Operating systems & Components / Operating system package or component texlive-synctex Operating systems & Components / Operating system package or component texlive-spix Operating systems & Components / Operating system package or component texlive-seetexk Operating systems & Components / Operating system package or component texlive-ptex Operating systems & Components / Operating system package or component texlive-ps2pk Operating systems & Components / Operating system package or component texlive-ps2eps Operating systems & Components / Operating system package or component texlive-pmx Operating systems & Components / Operating system package or component texlive-pdftosrc Operating systems & Components / Operating system package or component texlive-pdftex Operating systems & Components / Operating system package or component texlive-patgen Operating systems & Components / Operating system package or component texlive-optex Operating systems & Components / Operating system package or component texlive-omegaware Operating systems & Components / Operating system package or component texlive-musixtnt Operating systems & Components / Operating system package or component texlive-mfware Operating systems & Components / Operating system package or component texlive-mflua Operating systems & Components / Operating system package or component texlive-metapost Operating systems & Components / Operating system package or component texlive-metafont Operating systems & Components / Operating system package or component texlive-makeindex Operating systems & Components / Operating system package or component texlive-m-tx Operating systems & Components / Operating system package or component texlive-luatex Operating systems & Components / Operating system package or component texlive-luajittex Operating systems & Components / Operating system package or component texlive-luahbtex Operating systems & Components / Operating system package or component texlive-light-latex-make Operating systems & Components / Operating system package or component texlive-lib-devel Operating systems & Components / Operating system package or component texlive-lib Operating systems & Components / Operating system package or component texlive-lcdftypetools Operating systems & Components / Operating system package or component texlive-lacheck Operating systems & Components / Operating system package or component texlive-kpathsea Operating systems & Components / Operating system package or component texlive-hyperxmp Operating systems & Components / Operating system package or component texlive-gsftopk Operating systems & Components / Operating system package or component texlive-gregoriotex Operating systems & Components / Operating system package or component texlive-git-latexdiff Operating systems & Components / Operating system package or component texlive-fontware Operating systems & Components / Operating system package or component texlive-dvisvgm Operating systems & Components / Operating system package or component texlive-dvips Operating systems & Components / Operating system package or component texlive-dvipos Operating systems & Components / Operating system package or component texlive-dvipng Operating systems & Components / Operating system package or component texlive-dvipdfmx Operating systems & Components / Operating system package or component texlive-dviout-util Operating systems & Components / Operating system package or component texlive-dviljk Operating systems & Components / Operating system package or component texlive-dvidvi Operating systems & Components / Operating system package or component texlive-dvicopy Operating systems & Components / Operating system package or component texlive-dvi2tty Operating systems & Components / Operating system package or component texlive-dtl Operating systems & Components / Operating system package or component texlive-detex Operating systems & Components / Operating system package or component texlive-cweb Operating systems & Components / Operating system package or component texlive-ctie Operating systems & Components / Operating system package or component texlive-context-doc Operating systems & Components / Operating system package or component texlive-cjkutils Operating systems & Components / Operating system package or component texlive-chktex Operating systems & Components / Operating system package or component texlive-bibtexu Operating systems & Components / Operating system package or component texlive-bibtex8 Operating systems & Components / Operating system package or component texlive-bibtex Operating systems & Components / Operating system package or component texlive-base-debugsource Operating systems & Components / Operating system package or component texlive-base-debuginfo Operating systems & Components / Operating system package or component texlive-axodraw2 Operating systems & Components / Operating system package or component texlive-autosp Operating systems & Components / Operating system package or component texlive-aleph Operating systems & Components / Operating system package or component texlive-albatross Operating systems & Components / Operating system package or component texlive-afm2pl Operating systems & Components / Operating system package or component texlive-base Operating systems & Components / Operating system package or component
Vendor	openEuler

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU96489

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46048

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in texk/web2c/pdftexdir/writet1.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

texlive-yplan: before 20210325-8

texlive-xmltex: before 20210325-8

texlive-xindex: before 20210325-8

texlive-wordcount: before 20210325-8

texlive-webquiz: before 20210325-8

texlive-vpe: before 20210325-8

texlive-urlbst: before 20210325-8

texlive-ulqda: before 20210325-8

texlive-typeoutfileinfo: before 20210325-8

texlive-tpic2pdftex: before 20210325-8

texlive-thumbpdf: before 20210325-8

texlive-texsis: before 20210325-8

texlive-texplate: before 20210325-8

texlive-texosquery: before 20210325-8

texlive-texloganalyser: before 20210325-8

texlive-texliveonfly: before 20210325-8

texlive-texlive.infra: before 20210325-8

texlive-texlive-scripts-extra: before 20210325-8

texlive-texlive-scripts: before 20210325-8

texlive-texlive-en: before 20210325-8

texlive-texfot: before 20210325-8

texlive-texdoctk: before 20210325-8

texlive-texdoc: before 20210325-8

texlive-texdirflatten: before 20210325-8

texlive-texdiff: before 20210325-8

texlive-texdef: before 20210325-8

texlive-texcount: before 20210325-8

texlive-tex4ebook: before 20210325-8

texlive-svn-multi: before 20210325-8

texlive-sty2dtx: before 20210325-8

texlive-srcredact: before 20210325-8

texlive-splitindex: before 20210325-8

texlive-rubik: before 20210325-8

texlive-pythontex: before 20210325-8

texlive-pygmentex: before 20210325-8

texlive-purifyeps: before 20210325-8

texlive-ptex2pdf: before 20210325-8

texlive-ptex-fontmaps: before 20210325-8

texlive-pst2pdf: before 20210325-8

texlive-pst-pdf: before 20210325-8

texlive-pmxchords: before 20210325-8

texlive-pkfix-helper: before 20210325-8

texlive-pkfix: before 20210325-8

texlive-pfarrei: before 20210325-8

texlive-petri-nets: before 20210325-8

texlive-perltex: before 20210325-8

texlive-pedigree-perl: before 20210325-8

texlive-pdfxup: before 20210325-8

texlive-pdftex-quiet: before 20210325-8

texlive-pdflatexpicscale: before 20210325-8

texlive-pdfjam: before 20210325-8

texlive-pdfcrop: before 20210325-8

texlive-pdfbook2: before 20210325-8

texlive-pax: before 20210325-8

texlive-oberdiek: before 20210325-8

texlive-musixtex: before 20210325-8

texlive-multibibliography: before 20210325-8

texlive-mptopdf: before 20210325-8

texlive-mltex: before 20210325-8

texlive-mkpic: before 20210325-8

texlive-mkjobtexmf: before 20210325-8

texlive-mkgrkindex: before 20210325-8

texlive-mf2pt1: before 20210325-8

texlive-mex: before 20210325-8

texlive-mathspic: before 20210325-8

texlive-match_parens: before 20210325-8

texlive-makedtx: before 20210325-8

texlive-make4ht: before 20210325-8

texlive-lyluatex: before svn47584-8

texlive-lwarp: before 20210325-8

texlive-luaotfload: before 20210325-8

texlive-ltximg: before 20210325-8

texlive-ltxfileinfo: before 20210325-8

texlive-lollipop: before 20210325-8

texlive-listings-ext: before 20210325-8

texlive-listbib: before 20210325-8

texlive-lilyglyphs: before 20210325-8

texlive-latexpand: before 20210325-8

texlive-latexindent: before 20210325-8

texlive-latexfileversion: before 20210325-8

texlive-latexdiff: before 20210325-8

texlive-latex2nemeth: before 20210325-8

texlive-latex2man: before 20210325-8

texlive-latex-papersize: before 20210325-8

texlive-latex-git-log: before 20210325-8

texlive-latex: before 20210325-8

texlive-l3build: before 20210325-8

texlive-kotex-utils: before 20210325-8

texlive-ketcindy: before 20210325-8

texlive-jfmutil: before 20210325-8

texlive-jadetex: before 20210325-8

texlive-installfont: before 20210325-8

texlive-glyphlist: before 20210325-8

texlive-glossaries: before 20210325-8

texlive-getmap: before 20210325-8

texlive-fragmaster: before 20210325-8

texlive-fontools: before 20210325-8

texlive-fontinst: before 20210325-8

texlive-findhyph: before 20210325-8

texlive-fig4latex: before 20210325-8

texlive-exceltex: before 20210325-8

texlive-epstopdf: before 20210325-8

texlive-epspdf: before 20210325-8

texlive-eplain: before 20210325-8

texlive-ebong: before 20210325-8

texlive-dviinfox: before 20210325-8

texlive-dviasm: before 20210325-8

texlive-dtxgen: before 20210325-8

texlive-dosepsbin: before 20210325-8

texlive-diadia: before 20210325-8

texlive-de-macro: before 20210325-8

texlive-cyrillic: before 20210325-8

texlive-ctanupload: before 20210325-8

texlive-ctanify: before 20210325-8

texlive-ctanbib: before 20210325-8

texlive-ctan-o-mat: before 20210325-8

texlive-csplain: before 20210325-8

texlive-cslatex: before 20210325-8

texlive-crossrefware: before 20210325-8

texlive-convbkmk: before 20210325-8

texlive-context: before 20210325-8

texlive-cluttex: before 20210325-8

texlive-clojure-pamphlet: before 20210325-8

texlive-chklref: before 20210325-8

texlive-checklistings: before 20210325-8

texlive-checkcites: before 20210325-8

texlive-cachepic: before 20210325-8

texlive-bundledoc: before 20210325-8

texlive-bibexport: before 20210325-8

texlive-bib2gls: before 20210325-8

texlive-authorindex: before 20210325-8

texlive-attachfile2: before 20210325-8

texlive-arara: before 20210325-8

texlive-amstex: before 20210325-8

texlive-adhocfilelist: before 20210325-8

texlive-accfonts: before 20210325-8

texlive-a2ping: before 20210325-8

texlive-xpdfopen: before 20210325-8

texlive-xml2pmx: before 20210325-8

texlive-xetex: before 20210325-8

texlive-xdvi: before 20210325-8

texlive-web: before 20210325-8

texlive-vlna: before 20210325-8

texlive-velthuis: before 20210325-8

texlive-uptex: before 20210325-8

texlive-ttfutils: before 20210325-8

texlive-tikztosvg: before 20210325-8

texlive-tie: before 20210325-8

texlive-texware: before 20210325-8

texlive-tex4ht: before 20210325-8

texlive-tex: before 20210325-8

texlive-synctex: before 20210325-8

texlive-spix: before 20210325-8

texlive-seetexk: before 20210325-8

texlive-ptex: before 20210325-8

texlive-ps2pk: before 20210325-8

texlive-ps2eps: before 20210325-8

texlive-pmx: before 20210325-8

texlive-pdftosrc: before 20210325-8

texlive-pdftex: before 20210325-8

texlive-patgen: before 20210325-8

texlive-optex: before 20210325-8

texlive-omegaware: before 20210325-8

texlive-musixtnt: before 20210325-8

texlive-mfware: before 20210325-8

texlive-mflua: before 20210325-8

texlive-metapost: before 20210325-8

texlive-metafont: before 20210325-8

texlive-makeindex: before 20210325-8

texlive-m-tx: before 20210325-8

texlive-luatex: before 20210325-8

texlive-luajittex: before 20210325-8

texlive-luahbtex: before 20210325-8

texlive-light-latex-make: before 20210325-8

texlive-lib-devel: before 20210325-8

texlive-lib: before 20210325-8

texlive-lcdftypetools: before 20210325-8

texlive-lacheck: before 20210325-8

texlive-kpathsea: before 20210325-8

texlive-hyperxmp: before 20210325-8

texlive-gsftopk: before 20210325-8

texlive-gregoriotex: before 20210325-8

texlive-git-latexdiff: before 20210325-8

texlive-fontware: before 20210325-8

texlive-dvisvgm: before 20210325-8

texlive-dvips: before 20210325-8

texlive-dvipos: before 20210325-8

texlive-dvipng: before 20210325-8

texlive-dvipdfmx: before 20210325-8

texlive-dviout-util: before 20210325-8

texlive-dviljk: before 20210325-8

texlive-dvidvi: before 20210325-8

texlive-dvicopy: before 20210325-8

texlive-dvi2tty: before 20210325-8

texlive-dtl: before 20210325-8

texlive-detex: before 20210325-8

texlive-cweb: before 20210325-8

texlive-ctie: before 20210325-8

texlive-context-doc: before 20210325-8

texlive-cjkutils: before 20210325-8

texlive-chktex: before 20210325-8

texlive-bibtexu: before 20210325-8

texlive-bibtex8: before 20210325-8

texlive-bibtex: before 20210325-8

texlive-base-debugsource: before 20210325-8

texlive-base-debuginfo: before 20210325-8

texlive-axodraw2: before 20210325-8

texlive-autosp: before 20210325-8

texlive-aleph: before 20210325-8

texlive-albatross: before 20210325-8

texlive-afm2pl: before 20210325-8

texlive-base: before 20210325-8

CPE2.3

cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2000

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU96488