CVE-2018-16646 — Infinite Loop in Poppler

CWE-835 — Infinite Loop14 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

2.0%

top 16.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freedesktop Poppler Canonical Ubuntu Linux Debian Linux

Timeline

PublishedSep 6

Latest updateMay 13

Description

In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶Debianfreedesktop/poppler< 0.71.0-4+3

▶Ubuntufreedesktop/poppler< 0.24.5-2ubuntu4.14+5

▶NVDfreedesktop/poppler0.68.0

Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-7rfh-f9f4-m45f: In Poppler 0↗2022-05-13

▶

OSV

poppler regression↗2018-12-11

▶

OSV

poppler vulnerabilities↗2018-12-04

▶

OSV

CVE-2018-16646: In Poppler 0↗2018-09-06

▶

CVEList

CVE-2018-16646: In Poppler 0↗2018-09-06

▶

📋Vendor Advisories

Ubuntu

poppler regression↗2018-12-11

▶

Ubuntu

poppler vulnerabilities↗2018-12-04

▶

Red Hat

poppler: infinite recursion in Parser::getObj function in Parser.cc↗2018-08-28

▶

Debian

CVE-2018-16646: poppler - In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite...↗2018

▶

💬Community

Bugzilla

CVE-2019-13288 xpdf: denial of service in function Parser::getObj() in Parser.cc↗2019-07-10

▶

Bugzilla

CVE-2018-16646 poppler: infinite recursion in Parser::getObj function in Parser.cc↗2018-09-07

▶

Bugzilla

CVE-2018-16646 poppler: infinite recursion in Parser::getObj function in Parser.cc [fedora-all]↗2018-09-07

▶

Bugzilla

CVE-2018-16646 mingw-poppler: poppler: infinite recursion in Parser::getObj function in Parser.cc [fedora-all]↗2018-09-07

▶