CVE-2016-9601 — Integer Overflow or Wraparound in GPL Ghostscript

CWE-190 — Integer Overflow or Wraparound CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents8 sources

Severity

5.5MEDIUMNVD

CNA5.3

EPSS

0.4%

top 36.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Artifex Jbig2dec Artifex GPL Ghostscript Debian Linux

Timeline

PublishedApr 24

Latest updateMay 13

Description

ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶NVDartifex/gpl_ghostscript< 9.21

▶Debianartifex/jbig2dec< 0.13-4+3

▶Ubuntuartifex/jbig2dec< 0.11+20120125-1ubuntu1.1+1

▶NVDartifex/jbig2dec0.13

Also affects: Debian Linux 8.0, 9.0

🔴Vulnerability Details

GHSA

GHSA-vf87-jj8q-h556: ghostscript before version 9↗2022-05-13

▶

OSV

CVE-2016-9601: ghostscript before version 9↗2018-04-24

▶

CVEList

CVE-2016-9601: ghostscript before version 9↗2018-04-23

▶

OSV

jbig2dec vulnerabilities↗2017-05-24

▶

OSV

pillow vulnerabilities↗2017-03-13

▶

📋Vendor Advisories

Ubuntu

jbig2dec vulnerabilities↗2017-05-24

▶

Red Hat

ghostscript: Heap-buffer overflow due to Integer overflow in jbig2_image_new function↗2016-12-28

▶

Debian

CVE-2016-9601: jbig2dec - ghostscript before version 9.21 is vulnerable to a heap based buffer overflow th...↗2016

▶

💬Community

Bugzilla

CVE-2016-9601 ghostscript: Heap-buffer overflow due to Integer overflow in jbig2_image_new function↗2017-01-04

▶

Bugzilla

CVE-2016-9601 ghostscript: Heap-buffer overflow due to Integer overflow in jbig2_image_new function [fedora-all]↗2017-01-04

▶