Project

General

Profile

Bug #9432

 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802)

Added by Alicha CH 8 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
09/20/2018
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege"
checking when running out of stack during exception handling could be used by attackers able to supply
crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.

References:

https://seclists.org/oss-sec/2018/q3/228
https://seclists.org/oss-sec/2018/q3/229
https://seclists.org/oss-sec/2018/q3/233

Patches:

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24db
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5812b1b7


Subtasks

Bug #9433: [3.9] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed

Bug #9434: [3.8] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed

Bug #9435: [3.7] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed

Bug #9436: [3.6] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed

Bug #9437: [3.5] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed


Related issues

Copied to Alpine Linux - Bug #9433: [3.9] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) Closed09/20/2018

History

#1 Updated by Alicha CH 8 months ago

  • Copied to Bug #9433: [3.9] ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) added

#2 Updated by Leonardo Arena 7 months ago

  • Status changed from New to Resolved

#3 Updated by Alicha CH 7 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed
  • Security IDs deleted (CVE-2018-16802)

Also available in: Atom PDF