CVE-2018-20481 — NULL Pointer Dereference in Poppler

CWE-476 — NULL Pointer Dereference11 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

1.2%

top 21.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freedesktop Poppler Canonical Ubuntu Linux Debian Linux

Timeline

PublishedDec 26

Latest updateMay 13

Description

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶Debianfreedesktop/poppler< 0.71.0-4+3

▶Ubuntufreedesktop/poppler< 0.24.5-2ubuntu4.15+2

▶NVDfreedesktop/poppler0.72.0

Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10

Patches

Patch: gitlab.freedesktop.org ↗Patch: gitlab.freedesktop.org ↗

🔴Vulnerability Details

GHSA

GHSA-hw98-2857-jggj: XRef::getEntry in XRef↗2022-05-13

▶

OSV

poppler vulnerabilities↗2019-01-22

▶

OSV

CVE-2018-20481: XRef::getEntry in XRef↗2018-12-26

▶

CVEList

CVE-2018-20481: XRef::getEntry in XRef↗2018-12-26

▶

📋Vendor Advisories

Ubuntu

poppler vulnerabilities↗2019-01-22

▶

Red Hat

poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc↗2018-12-20

▶

Debian

CVE-2018-20481: poppler - XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries,...↗2018

▶

💬Community

Bugzilla

CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc [fedora-all]↗2019-01-10

▶

Bugzilla

CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc↗2019-01-10

▶

Bugzilla

CVE-2018-20481 mingw-poppler: poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc [fedora-all]↗2019-01-10

▶