CVE-2021-45949 : Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sam

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Published 2022-01-01 00:15:08

Updated 2022-01-21 14:41:35

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowMemory Corruption

Products affected by CVE-2021-45949

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Matching versions
Artifex » Ghostscript
Versions from including (>=) 9.50 and up to, including, (<=) 9.54.0
cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 9 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7

git.ghostscript.com Git - ghostpdl.git/commit
Patch;Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675

34675 - ghostscript:gstoraster_fuzzer: Heap-buffer-overflow in sampled_data_finish - oss-fuzz
Exploit;Issue Tracking;Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00006.html

[SECURITY] [DLA 2879-1] ghostscript security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://www.debian.org/security/2022/dsa-5038

Debian -- Security Information -- DSA-5038-1 ghostscript
Third Party Advisory

CVEs referencing this url
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2021-803.yaml

oss-fuzz-vulns/OSV-2021-803.yaml at main · google/oss-fuzz-vulns · GitHub
Third Party Advisory

Jump to