#VU99617 Out-of-bounds write in Ghostscript and GhostPDL - CVE-2024-46956


Vulnerability identifier: #VU99617

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-46956

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ghostscript
Universal components / Libraries / Libraries used by multiple products
GhostPDL
Universal components / Libraries / Libraries used by multiple products

Vendor: Artifex Software, Inc.

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in filenameforall. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Ghostscript: 9.00 - 10.04.0 rc1

GhostPDL: 9.00 - 10.03.1

External links
https://ghostscript.com/index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Migration Toolkit for Containers 1.8
Multiple vulnerabilities in IBM Rapid Infrastructure Automation
Anolis OS update for ghostscript
Red Hat Enterprise Linux 9 update for ghostscript
Red Hat Enterprise Linux 8 update for ghostscript
Gentoo update for GPL Ghostscript
Ubuntu update for ghostscript
Fedora 40 update for ghostscript
Fedora 41 update for ghostscript
Ubuntu update for ghostscript