CVE-2023-46751Use After Free in Ghostscript

CWE-416Use After Free8 documents8 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 70.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Artifex Ghostscript
Timeline
PublishedDec 6
Latest updateDec 12

Description

An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

Debianartifex/ghostscript< 10.0.0~dfsg-11+deb12u3+2
NVDartifex/ghostscript10.02.0

🔴Vulnerability Details

3
CVEList
CVE-2023-46751: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 102023-12-06
GHSA
GHSA-798r-fxxx-hvxj: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 102023-12-06
OSV
CVE-2023-46751: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 102023-12-06

📋Vendor Advisories

3
Ubuntu
Ghostscript vulnerability2023-12-12
Red Hat
ghostscript: dangling pointer in gdev_prn_open_printer_seekable()2023-12-06
Debian
CVE-2023-46751: ghostscript - An issue was discovered in the function gdev_prn_open_printer_seekable() in Arti...2023
CVE-2023-46751 — Use After Free in Artifex Ghostscript | cvebase