In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow. Upstream issue: https://bugs.ghostscript.com/show_bug.cgi?id=699685
Created mupdf tracking bugs for this issue: Affects: fedora-all [bug 1626484]
Upstream commit: http://git.ghostscript.com/?p=mupdf.git;h=38f883fe129a5e89306252a4676eaaf4bc968824
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.