Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1427440 - (CVE-2017-6196) CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_image_enum_begin function
CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_imag...
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20170220,reported=2...
: Security
Depends On: 1427442
Blocks: 1410024
  Show dependency treegraph
 
Reported: 2017-02-28 03:58 EST by Andrej Nemec
Modified: 2017-04-06 10:12 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-03-31 09:28:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Andrej Nemec 2017-02-28 03:58:30 EST 
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript  allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document.

Upstream bug:

https://bugs.ghostscript.com/show_bug.cgi?id=697596

Upstream patch:

http://git.ghostscript.com/?p=ghostpdl.git;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
Comment 1 Andrej Nemec 2017-02-28 03:59:36 EST 
Created ghostscript tracking bugs for this issue:

Affects: fedora-all [bug 1427442]
Comment 2 Cedric Buissart 2017-03-31 09:00:43 EDT 
RHEL-7 and earlier versions are not affected : The double-free is a side effect of the upstream commit cffb5712b (http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cffb5712b), which was introduced in ghostscript-9.21.
Comment 3 David Kaspar [Dee'Kej] 2017-04-06 10:12:16 EDT 
(In reply to Cedric Buissart from comment #2)
> RHEL-7 and earlier versions are not affected : The double-free is a side
> effect of the upstream commit cffb5712b
> (http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cffb5712b), which
> was introduced in ghostscript-9.21.

Please note that ghostscript-9.21 is already released, and I'm planning to do a rebase at some point when I have a time. Therefore I'm not sure we should close this BZ as a NOTABUG, because we might stumble upon this again in the future.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.