Vulnerability Details : CVE-2018-16540
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
Vulnerability category: Memory Corruption
Products affected by CVE-2018-16540
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
Threat overview for CVE-2018-16540
Top countries where our scanners detected CVE-2018-16540
Top open port discovered on systems with this issue
53
IPs affected by CVE-2018-16540 620,633
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2018-16540!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2018-16540
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-16540
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-16540
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-16540
-
https://access.redhat.com/errata/RHSA-2019:0229
RHSA-2019:0229 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHBA-2019:0327
RHBA-2019:0327 - Bug Fix Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugs.ghostscript.com/show_bug.cgi?id=699661
699661 – pdf14 garbage collection memory corruptionIssue Tracking;Permissions Required;Vendor Advisory
-
https://usn.ubuntu.com/3768-1/
USN-3768-1: Ghostscript vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://www.artifex.com/news/ghostscript-security-resolved/
Ghostscript security vulnerabilities resolved | ArtifexPatch;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html
[SECURITY] [DLA 1504-1] ghostscript security updateMailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/201811-12
GPL Ghostscript: Multiple vulnerabilities (GLSA 201811-12) — Gentoo securityThird Party Advisory
-
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c432131c3fdb2143e148e8ba88555f7f7a63b25e
git.ghostscript.com Git - ghostpdl.git/commitPatch;Vendor Advisory
-
https://www.debian.org/security/2018/dsa-4288
Debian -- Security Information -- DSA-4288-1 ghostscriptThird Party Advisory
Jump to