{"id":"MGASA-2017-0430","summary":"Updated ghostscript packages fix security vulnerabilities","details":"Multiple use-after-free vulnerabilities in the gx_image_enum_begin\nfunction in base/gxipixel.c in Ghostscript before\necceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause\na denial of service (application crash) or possibly have unspecified\nother impact via a crafted PostScript document. (CVE-2017-6196)\n\nInteger overflow in the mark_curve function in Artifex Ghostscript 9.21\nallows remote attackers to cause a denial of service (out-of-bounds\nwrite and application crash) or possibly have unspecified other impact\nvia a crafted PostScript document. (CVE-2017-7948)\n\nThe mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21\nallows remote attackers to cause a denial of service (out-of-bounds\nread) via a crafted PostScript document. (CVE-2017-8908)\n\nlibjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and\nGhostscript, has a NULL pointer dereference in the jbig2_huffman_get\nfunction in jbig2_huffman.c. For example, the jbig2dec utility will\ncrash (segmentation fault) when parsing an invalid file.\n(CVE-2017-9216)\n\nThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript\nGhostXPS 9.21 allows remote attackers to cause a denial of service\n(heap-based buffer over-read and application crash) or possibly have\nunspecified other impact via a crafted document. (CVE-2017-9610)\n\nThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript\nGhostXPS 9.21 allows remote attackers to cause a denial of service\n(buffer overflow and application crash) or possibly have unspecified\nother impact via a crafted document. (CVE-2017-9618)\n\nThe xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (Segmentation Violation and application crash) via a crafted\nfile. (CVE-2017-9619)\n\nThe xps_select_font_encoding function in xps/xpsfont.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (heap-based buffer over-read and application crash) or possibly\nhave unspecified other impact via a crafted document, related to the\nxps_encode_font_char_imp function. (CVE-2017-9620)\n\nThe xps_decode_font_char_imp function in xps/xpsfont.c in Artifex\nGhostscript GhostXPS 9.21 allows remote attackers to cause a denial of\nservice (heap-based buffer over-read and application crash) or possibly\nhave unspecified other impact via a crafted document. (CVE-2017-9740)\n","modified":"2026-04-16T01:47:12.404842466Z","published":"2017-11-29T18:52:42Z","upstream":["CVE-2017-6196","CVE-2017-7948","CVE-2017-8908","CVE-2017-9216","CVE-2017-9610","CVE-2017-9618","CVE-2017-9619","CVE-2017-9620","CVE-2017-9740"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0430.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22052"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2QUCMGMEGU4TK3I5424ZFZYFJHEQRF4P/"}],"affected":[{"package":{"name":"ghostscript","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/ghostscript?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.22-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0430.json"}},{"package":{"name":"ghostscript","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/ghostscript?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.22-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0430.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}