#VU92282 Format string error in Ghostscript - CVE-2024-29510

Cybersecurity Help s.r.o.

Published: 2024-06-19 | Updated: 2024-07-19

Vulnerability identifier: #VU92282

Vulnerability risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-29510

CWE-ID: CWE-134

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Ghostscript
Universal components / Libraries / Libraries used by multiple products

Vendor: Artifex Software, Inc.

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a format string error. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Ghostscript: 9.00 - 10.03.0

External links
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735085ecef20b29e8db3416ab36de93e86d1f
https://ghostscript.readthedocs.io/en/gs10.03.1/News.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Anolis OS update for ghostscript

Multiple vulnerabilities in OpenShift API for Data Protection (OADP) 1.3

Gentoo update for GPL Ghostscript

openEuler 22.03 LTS SP1 update for ghostscript

openEuler 22.03 LTS SP3 update for ghostscript

openEuler 20.03 LTS SP4 update for ghostscript

Red Hat Enterprise Linux 9 update for ghostscript

Oracle Solaris update for thrid-party components