Bug 2048916 (CVE-2021-45944)

Summary: CVE-2021-45944 ghostscript: use-after-free in sampled_data_sample may lead to DoS
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: akhaitovich, mjg, mosvald, zdohnal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A heap-use-after-free flaw was found in Ghostscript’s GhostPDL in the sampled_data_sample function (called from sampled_data_continue and interp). This flaw allows a local attacker to pass a specially crafted malicious file to Ghostscript that triggers a heap-use-after-free issue, potentially causing a crash that leads to a denial of service.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2049768, 2049769, 2049770    
Bug Blocks: 2048917    

Description Marian Rehak 2022-02-01 07:59:26 UTC 
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

Reference:

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29903
Comment 1 Michael J Gruber 2022-02-01 14:25:02 UTC 
Fedora versions all the way down to F33 are not affected - they carry  ghostscript-9.55.0.

So, which version are you reporting this against?
Comment 4 Marian Rehak 2022-02-03 18:26:28 UTC 
Yes, and fedora is filed as notaffected + no trackers, what is your problem here?
Comment 5 Michael J Gruber 2022-02-03 19:30:10 UTC 
(In reply to Marian Rehak from comment #4)
> Yes, and fedora is filed as notaffected + no trackers,

"Version unspecified" "OS Linux"

Where is Fedora filed as notaffected?

If it's not filed against Fedora, why am I on cc?


> what is your problem here?

I had a simple and fair question.

The "problem" is the tone of your response.