Bug 1652893 (CVE-2018-16863)
Summary: | CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Cedric Buissart <cbuissar> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | cperry, mosvald, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2018-12-04 15:04:38 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1652901, 1652902 | ||
Bug Blocks: | 1652892 |
Description
Cedric Buissart
2018-11-23 12:20:50 UTC
The full fix for CVE-2018-16509 (bug 1619748) consists of the following 4 upstream patches: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5516c614dc33 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=78911a01b67d http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=79cccf641486 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=520bb0ea7519 The RHSA-2018:2918 erratum for Red Hat Enterprise Linux 7 only included the first 2 fixes, and hence failed to fix CVE-2018-16509 completely. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3761 https://access.redhat.com/errata/RHSA-2018:3761 Statement: This vulnerability affects only Red Hat Enterprise Linux version 7. Red Hat Enterprise Linux version 6 is not affected by this vulnerability because the set of fixes for CVE-2018-16509, released via RHSA-2018:3760, was complete. |