A flaw was found in Artifex Mupdf version 1.12.0 in fz_keep_key_storable function. There is Use After Free vulnerability which can be triggered by supplying a malformed PDF file. This can result in a Denial of Service or a Possible code execution. References: https://bugs.ghostscript.com/show_bug.cgi?id=698825 https://bugs.ghostscript.com/show_bug.cgi?id=698873 Patch: http://git.ghostscript.com/?p=mupdf.git;h=321ba1de287016b0036bf4a56ce774ad11763384
Created mupdf tracking bugs for this issue: Affects: fedora-all [bug 1544848]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.