Vulnerability Details : CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Vulnerability category: Overflow
Products affected by CVE-2022-38784
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-38784
- 0.25%: Probability of exploitation activity in the next 30 days
- ~64%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-38784
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2022-38784
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-38784
- https://poppler.freedesktop.org/releases.html
  Poppler [Release Notes; Vendor Advisory]
- https://github.com/zmanion/Vulnerabilities/blob/main/CVE-2022-38171.md
  Vulnerabilities/CVE-2022-38171.md at main · zmanion/Vulnerabilities · GitHub [Exploit; Third Party Advisory]
- https://github.com/jeffssh/CVE-2021-30860
  GitHub - jeffssh/CVE-2021-30860: Collection of materials relating to FORCEDENTRY, will eventually delete this repo and migrate the materials to my main exploit repo once finished [Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BGY72LBJMFAKQWC2XH4MRPIGPQLXTFL6/
  [SECURITY] Fedora 36 Update: poppler-22.01.0-6.fc36 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E5Z2677EQUWVHJLGSH5DQX53EK6MY2M2/
  [SECURITY] Fedora 35 Update: poppler-21.08.0-3.fc35 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
  [SECURITY] [DLA 3120-1] poppler security update [Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J546EJUKUOPWA3JSLP7DYNBAU3YGNCCW/
  [SECURITY] Fedora 35 Update: mingw-poppler-21.08.0-2.fc35 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQAO6O2XHPQHNW2MWOCJJ4C3YWS2VV4K/
  [SECURITY] Fedora 36 Update: mingw-poppler-22.01.0-7.fc36 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- http://www.openwall.com/lists/oss-security/2022/09/02/11
  oss-security - JBIG2 integer overflow fixed in Xpdf 4.04, Poppler 22.09.0 [Mailing List; Third Party Advisory]
- https://www.cve.org/CVERecord?id=CVE-2022-38171
  cve-website [Third Party Advisory]
- https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1261/diffs?commit_id=27354e9d9696ee2bc063910a6c9a6b27c5184a52
  JBIG2Stream: Fix crash on broken file (!1261) · Merge requests · poppler / poppler · GitLab [Patch; Vendor Advisory]
- https://www.debian.org/security/2022/dsa-5224
  Debian -- Security Information -- DSA-5224-1 poppler [Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLKN3HJKZSGEEKOF57DM7Q3IB74HP5VW/
  [SECURITY] Fedora 37 Update: poppler-22.08.0-2.fc37 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://security.gentoo.org/glsa/202209-21
  Poppler: Arbitrary Code Execution (GLSA 202209-21) — Gentoo security [Third Party Advisory]