Bug 2251630 (CVE-2022-38349) - CVE-2022-38349 poppler: Reachable assertion in Object.h
Summary: CVE-2022-38349 poppler: Reachable assertion in Object.h
Keywords:
Status: NEW
Alias: CVE-2022-38349
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2251631 2251632
Blocks: 2254952
 
Reported: 2023-11-27 02:29 UTC by Avinash Hanwate
Modified: 2024-01-04 12:37 UTC (History)
0 users

Fixed In Version: poppler 22.09.0
Doc Type: ---
Doc Text:
A flaw was found in the Poppler package. This issue occurs due to a reachable assertion in Object.h. By using a specially crafted file, an attacker could cause a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Avinash Hanwate 2023-11-27 02:29:43 UTC
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h that will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.

Comment 1 Avinash Hanwate 2023-11-27 02:31:04 UTC
Created mingw-poppler tracking bugs for this issue:

Affects: fedora-all [bug 2251632]


Created poppler tracking bugs for this issue:

Affects: fedora-all [bug 2251631]

