==========================================================================
Ubuntu Security Notice USN-6433-1
October 17, 2023
ghostscript vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Ghostscript could be made to run programs if it opened a specially crafted
file.
Software Description:
- ghostscript: PostScript and PDF interpreter
Details:
It was discovered that Ghostscript incorrectly handled certain PDF
documents. If a user or automated system were tricked into opening a
specially crafted PDF file, a remote attacker could use this issue to
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
ghostscript 10.0.0~dfsg1-0ubuntu1.4
Ubuntu 22.04 LTS:
ghostscript 9.55.0~dfsg1-0ubuntu5.5
Ubuntu 20.04 LTS:
ghostscript 9.50~dfsg-5ubuntu4.11
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6433-1
CVE-2023-43115
Package Information:
https://launchpad.net/ubuntu/+source/ghostscript/10.0.0~dfsg1-0ubuntu1.4
https://launchpad.net/ubuntu/+source/ghostscript/9.55.0~dfsg1-0ubuntu5.5
https://launchpad.net/ubuntu/+source/ghostscript/9.50~dfsg-5ubuntu4.11