Headline

CVE-2022-37051: SIGABRT at poppler/Object.h:435 (pdfunite) (#1276) · Issues · poppler / poppler · GitLab

An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.

1 year ago

CVE

Open in Source

#linux #dos #git #pdf

When testing #706 (closed), we found the bug is not completely patched in pdfunite. To reproduce the bug, run pdfunite t.pdf poc 2.pdf.

(gdb) bt
#0  0x00007ffff72467bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007ffff7231535 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x000000000040d7a1 in Object::getDict (this=<optimized out>)
    at /home/users/chluo/poppler/poppler/Object.h:435
#3  main (argc=<optimized out>, argv=<optimized out>)
    at /home/users/chluo/poppler/utils/pdfunite.cc:200

uni.zip

Edited Jul 28, 2022 by

Related news

Ubuntu Security Notice USN-6508-1

Ubuntu Security Notice 6508-1 - It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service.

12 months ago

Packet Storm

Open in Source

#vulnerability #ubuntu #dos #pdf