CVE-2019-14869Incorrect Use of Privileged APIs in Ghostscript

CWE-648Incorrect Use of Privileged APIsCWE-732Incorrect Permission Assignment9 documents8 sources
Severity
8.8HIGHNVD
EPSS
0.3%
top 49.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Artifex GhostscriptGhostscriptFedoraproject Fedora+1 more
Timeline
PublishedNov 15
Latest updateMay 24

Description

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDartifex/ghostscript9.009.50
Debianartifex/ghostscript< 9.50~dfsg-3+3
CVEListV5ghostscript/ghostscriptall versions of ghostscript 9.x before 9.28
NVDopensuse/leap15.0, 15.1+1

Also affects: Fedora 29, 30, 31

Patches

Patch: www.openwall.comPatch: bugzilla.redhat.comPatch: www.openwall.com

🔴Vulnerability Details

3
GHSA
GHSA-c87p-jj8p-c38g: A flaw was found in all versions of ghostscript 92022-05-24
OSV
CVE-2019-14869: A flaw was found in all versions of ghostscript 92019-11-15
CVEList
CVE-2019-14869: A flaw was found in all versions of ghostscript 92019-11-15

📋Vendor Advisories

3
Red Hat
ghostscript: -dSAFER escape in .charkeys (701841)2019-11-14
Ubuntu
Ghostscript vulnerability2019-11-14
Debian
CVE-2019-14869: ghostscript - A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.cha...2019

💬Community

2
Bugzilla
CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys (701841) [fedora-all]2019-11-14
Bugzilla
CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys (701841)2019-11-05
CVE-2019-14869 — Incorrect Use of Privileged APIs | cvebase