Bug 1627959 (CVE-2018-16802)
Summary: | CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Sam Fowler <sfowler> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | twaugh, zdohnal |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | ghostscript 9.25 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-12-18 09:17:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1627960, 1627961, 1650060, 1650061 | ||
Bug Blocks: | 1619570 |
Description
Sam Fowler
2018-09-12 00:49:21 UTC
Created ghostscript tracking bugs for this issue: Affects: fedora-all [bug 1627960] Statement: This issue affects the versions of ghostscript as shipped with Red Hat Enterprise Linux 7. This issue did not affect the versions of ghostscript as shipped with Red Hat Enterprise Linux 5 and 6. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3834 https://access.redhat.com/errata/RHSA-2018:3834 Mitigation: Please refer to the "Mitigation" section of CVE-2018-16509 : https://access.redhat.com/security/cve/cve-2018-16509 |