CVE-2020-15900

CWE-191CWE-787Out-of-bounds WriteCWE-119Buffer OverflowCWE-1319 documents8 sources
Severity
9.8CRITICAL
EPSS
11.0%
top 6.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Artifex GhostscriptCanonical Ubuntu LinuxOpensuse Leap
Timeline
PublishedJul 28
Latest updateMay 24

Description

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

NVDartifex/ghostscript9.50, 9.52+1
Debianghostscript< 9.52.1~dfsg-1+3
NVDopensuse/leap15.1, 15.2+1

Also affects: Ubuntu Linux 20.04

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-mwgq-j58h-pv6j: A memory corruption issue was found in Artifex Ghostscript 92022-05-24
OSV
CVE-2020-15900: A memory corruption issue was found in Artifex Ghostscript 92020-07-28
CVEList
CVE-2020-15900: A memory corruption issue was found in Artifex Ghostscript 92020-07-28

📋Vendor Advisories

3
Ubuntu
Ghostscript vulnerability2020-08-03
Red Hat
ghostscript: Memory Corruption in Ghostscript 9.52 (SAFER Sandbox Breakout)2020-07-27
Debian
CVE-2020-15900: ghostscript - A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of...2020

💬Community

2
Bugzilla
CVE-2020-15900 ghostscript: Memory Corruption in Ghostscript 9.52 (SAFER Sandbox Breakout) [fedora-all]2020-07-30
Bugzilla
CVE-2020-15900 ghostscript: Memory Corruption in Ghostscript 9.52 (SAFER Sandbox Breakout)2020-07-22
CVE-2020-15900 (CRITICAL CVSS 9.8) | A memory corruption issue was found | cvebase.io