If you call .sethalftone5 with an empty operand stack, ghostscript crashes. This flaw could be exploitable Upstream bug : - Bug 697203 - NULL dereference in .sethalftone5 http://bugs.ghostscript.com/show_bug.cgi?id=697203 Upstream patch : - Bug 697203: check for sufficient params in .sethalftone5 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=f5c7555c303 Reference : http://seclists.org/oss-sec/2016/q4/98
Created ghostscript tracking bugs for this issue: Affects: fedora-all [bug 1383941]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0014 https://rhn.redhat.com/errata/RHSA-2017-0014.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0013 https://rhn.redhat.com/errata/RHSA-2017-0013.html