Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2259: Red Hat Security Advisory: poppler security and bug fix update

An update for poppler is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-38784: An integer overflow issue was discovered in Popplers’ JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of arbitrary code on the target system.
Red Hat Security Data
#vulnerability#linux#red_hat#pdf#ibm

Synopsis

Moderate: poppler security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for poppler is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

Security Fix(es):

  • poppler: integer overflow in JBIG2 decoder using malformed files (CVE-2022-38784)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2124527 - CVE-2022-38784 poppler: integer overflow in JBIG2 decoder using malformed files
  • BZ - 2144768 - Please add various devel packages to CRB 9 to build Scribus in EPEL

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

poppler-21.01.0-14.el9.src.rpm

SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2

x86_64

poppler-21.01.0-14.el9.i686.rpm

SHA-256: 38df87cfaaeeb44cf4c7d8d416e723980b0322106da6133a000e08fc6e1a33b3

poppler-21.01.0-14.el9.x86_64.rpm

SHA-256: 4f517e3ea064239a68f55017c34de1e5d9f98f3c052dac3c47f5af9969066f66

poppler-cpp-21.01.0-14.el9.i686.rpm

SHA-256: 0d0f3f6e0556b2c922c3d835b34788938020b86fa9712aa85ef83caab03484db

poppler-cpp-21.01.0-14.el9.x86_64.rpm

SHA-256: 406e36013797ddd2b43f1e4e92c57c86cdd8310961059f51678ecbe2e338876e

poppler-cpp-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 0e4d3755e7a40075bed3edf020a2766ab614c08cce6807d9c2f5d6374bca5c3a

poppler-cpp-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 1396d64e14d19dafe2641906047d350d09bbe8a000d4c5a094d964ebb7ba3565

poppler-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: a59cd8121d1f3556d7ce28fd7420c75d699467e1fbe85cf963f320aea8a9b8e0

poppler-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 7f3edea56f9d3024e545f487a8a96cd65348c9f83b1c1d11ed32420cd8467c41

poppler-debugsource-21.01.0-14.el9.i686.rpm

SHA-256: 4d6ea426da21f12ccd2145753e97607c5340b1559eb42361e0713c75d0fd53a0

poppler-debugsource-21.01.0-14.el9.x86_64.rpm

SHA-256: ce78f87c95cd820c308b9bba376daf09fde096d09bb3e3873aff4cb17e4887e8

poppler-glib-21.01.0-14.el9.i686.rpm

SHA-256: 98160ab2a78bddf3941b598805e7766052638f8061ac4a311e368b3214bf2052

poppler-glib-21.01.0-14.el9.x86_64.rpm

SHA-256: 31bbfa638b46c3859b7a445c55b4a61a06424ff172b19e186eaaa7a0936c884a

poppler-glib-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 43f0c8ff89972400664cfe51c06081be6fa1ab960c0e28f4e217f340c8777fb2

poppler-glib-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 61a8592f03e1d6f5c58150d3e786b87d3634411a03ed13bf15cfde3f397ed4a9

poppler-qt5-21.01.0-14.el9.i686.rpm

SHA-256: d727ee3d48c6f934301654fcd2a4f2ecbaa783212f5cbcd43ed7a4e658b872f3

poppler-qt5-21.01.0-14.el9.x86_64.rpm

SHA-256: 58d0208612ab886ba0d857baddfa9e95d7bc4976092e32b8899e6c1e87933be3

poppler-qt5-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 63420154173f51bd8fe380949ed448d9db7453f9423e43dd7e13a6f70c0e1a19

poppler-qt5-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 7d6343704efdedacdb368af036ba33b0652de168658b28bb2cf48226a58c5505

poppler-utils-21.01.0-14.el9.x86_64.rpm

SHA-256: 5d569f165f819e1ec78dcd07dae7a17adf7df9aa5ec2fc8a335d389660bb8291

poppler-utils-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: f3662792e6c5353f71b6ed78ebac665b5a74b19231dabdfcb19f811679f25831

poppler-utils-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 56f6f6324d7df3140771eb0e32c007b0acd10982d2935093c1b9483759620e4f

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

poppler-21.01.0-14.el9.src.rpm

SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2

s390x

poppler-21.01.0-14.el9.s390x.rpm

SHA-256: 7e91b6b6af5faf9a51fd950e62dc3878ac86d689d0fac1f66d74fe2ab96106f2

poppler-cpp-21.01.0-14.el9.s390x.rpm

SHA-256: c90387a2118f363e31887d9667c51104b1e4be073f227795b1028540120cc0cd

poppler-cpp-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: 90df68d4d671e7f16db2257c0c22c80ebf56d1510b33300377eac7a75408fe5c

poppler-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: 0d55765dfdf75b873ae1318e673323e7901db7b87de95258ba0bb0bf8cf10751

poppler-debugsource-21.01.0-14.el9.s390x.rpm

SHA-256: 94eb97351e14a0d39fef163d015542b659d0434608e4e5f7502e9183874ddeff

poppler-glib-21.01.0-14.el9.s390x.rpm

SHA-256: dae2667038e7e871e3a3754c52a86939ba553e1e6d6dbeab3a80a49b58599779

poppler-glib-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: a82c027428585159c71678000c9b834f13007a103244f843e7fb63a61dfbd191

poppler-qt5-21.01.0-14.el9.s390x.rpm

SHA-256: 49e3263b057f7c0e24fe1afa4ecccc8e43a938fd4b4ed584c15e009a804c37f7

poppler-qt5-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: baeb2944f3adec24032c2c69c62f8ddc082b8711c42bab6abf59b3350eb92c98

poppler-utils-21.01.0-14.el9.s390x.rpm

SHA-256: 8d1d99cfafe08e22680a9f379373dccd1ca5034731ce1a724d803a3ee652f58c

poppler-utils-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: a6382fa533b68905259c2cd47eb4efebb14f72b14ec4d96405d6b08573b0220e

Red Hat Enterprise Linux for Power, little endian 9

SRPM

poppler-21.01.0-14.el9.src.rpm

SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2

ppc64le

poppler-21.01.0-14.el9.ppc64le.rpm

SHA-256: e0ed73ca3afb9ff597662211eb0407adb46fcc719fc36d1c192d14b2cb29d726

poppler-cpp-21.01.0-14.el9.ppc64le.rpm

SHA-256: a6268ce0549570289f9566031da67fb3ae032e15be9b1e9e018b676a0cef3f80

poppler-cpp-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 9ceff637e8e345bff1d5a45bc305584b7707940739a4f2c9e31e47619c9e8d2f

poppler-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 4ab4ec4373af41c2db4d3923a98eec130edf3114b7a354f68dda09d774728c05

poppler-debugsource-21.01.0-14.el9.ppc64le.rpm

SHA-256: f2362d3d565aa99260738603e6022449694478c95e1c7241a4cfdb14ba97f0bf

poppler-glib-21.01.0-14.el9.ppc64le.rpm

SHA-256: 3ea46402b4a057e0c5effdd024f362b18f7ff3b4553ebaf462d5864a80d4d2c0

poppler-glib-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 9cf57fabb4ec488493f4f2a3e5b309ce985960ae5617816522bc82ab33740742

poppler-qt5-21.01.0-14.el9.ppc64le.rpm

SHA-256: 12d2d81c526226dfdad1ee20c40b9ffaf5efd3cce3ca762cbf6ac668b427f3fd

poppler-qt5-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 084260442a5f8de65970cbd8b9e37fec71312b6e75dca4ba95288ae7faebd97c

poppler-utils-21.01.0-14.el9.ppc64le.rpm

SHA-256: 1cc0175fb2f9b6a74a45b16a995c7035d93adeeabf847e15198dda83ba648c0c

poppler-utils-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 033cde628f038ab01bb5d66c9323a4cddaceed833a0c84e2c03ed15a337428e0

Red Hat Enterprise Linux for ARM 64 9

SRPM

poppler-21.01.0-14.el9.src.rpm

SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2

aarch64

poppler-21.01.0-14.el9.aarch64.rpm

SHA-256: d19cd601b874e8a48cfdd0b05f9b9162828b48b14bf5ca87160a65039b7df89a

poppler-cpp-21.01.0-14.el9.aarch64.rpm

SHA-256: 867f7a553646740312113bfa9fc2d43922c170de53300472e58f400111406a26

poppler-cpp-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: a264ca72c0ef2ce3d9e46b5c5e608b75a74a8b1bc56b28acc0fb89cdda282cca

poppler-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: ca28e5a018bd5932d1ed8a15eec499895b12eb5fff57c396db1867924fa28ba0

poppler-debugsource-21.01.0-14.el9.aarch64.rpm

SHA-256: db54535c1940fa0393ceee13943da18733956766b9f05c158bd116bcb8003ef5

poppler-glib-21.01.0-14.el9.aarch64.rpm

SHA-256: c26e5b5220572b384ff32613f45dd26df3d4aa7724391d570387d4614077d726

poppler-glib-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: ffd2e9c5a908a2fef96d00b61c5cd4aa0da0c5f92a0b7b35cf2c2dd5cc4201f9

poppler-qt5-21.01.0-14.el9.aarch64.rpm

SHA-256: ca5e665a8071ff07f728ec0ececad1b06007f36ad08f83602130adfe50a5e9c6

poppler-qt5-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: a53dc9532b0c6e452a6e0082d60d993a702776a6313c6f98d4da01074a99a436

poppler-utils-21.01.0-14.el9.aarch64.rpm

SHA-256: 77829951cf175450d470387d1789482eac65bada10fc31e0181d427cc7270c99

poppler-utils-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: f73cebe86751e9dd0d51704e4ffbebaef9434fd21120591f6f070c1372f929ef

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

poppler-cpp-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 0e4d3755e7a40075bed3edf020a2766ab614c08cce6807d9c2f5d6374bca5c3a

poppler-cpp-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 1396d64e14d19dafe2641906047d350d09bbe8a000d4c5a094d964ebb7ba3565

poppler-cpp-devel-21.01.0-14.el9.i686.rpm

SHA-256: d93b1113084513c99cff33b8927238c65f8ea1d80c553a5e57a89c3cad05ab72

poppler-cpp-devel-21.01.0-14.el9.x86_64.rpm

SHA-256: 5e6261d57d064b6732848fb202ef12ab8202242a54d8bf5160cbb6bdf9633cbf

poppler-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: a59cd8121d1f3556d7ce28fd7420c75d699467e1fbe85cf963f320aea8a9b8e0

poppler-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 7f3edea56f9d3024e545f487a8a96cd65348c9f83b1c1d11ed32420cd8467c41

poppler-debugsource-21.01.0-14.el9.i686.rpm

SHA-256: 4d6ea426da21f12ccd2145753e97607c5340b1559eb42361e0713c75d0fd53a0

poppler-debugsource-21.01.0-14.el9.x86_64.rpm

SHA-256: ce78f87c95cd820c308b9bba376daf09fde096d09bb3e3873aff4cb17e4887e8

poppler-devel-21.01.0-14.el9.i686.rpm

SHA-256: 80a4278b09d01f3f994640533c22f7870b9267ae53b3b0ea36a48da209c4759d

poppler-devel-21.01.0-14.el9.x86_64.rpm

SHA-256: ea2a76295712235fc24a2eb948f9a6e3195d83c3ea5ed9db62710f331d360544

poppler-glib-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 43f0c8ff89972400664cfe51c06081be6fa1ab960c0e28f4e217f340c8777fb2

poppler-glib-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 61a8592f03e1d6f5c58150d3e786b87d3634411a03ed13bf15cfde3f397ed4a9

poppler-glib-devel-21.01.0-14.el9.i686.rpm

SHA-256: 2625da156e35706a9988aaeeb5bcdcbae99f04169f59d7aa2ab552bde8c167ff

poppler-glib-devel-21.01.0-14.el9.x86_64.rpm

SHA-256: 00b4b9539dd03bd64eb3855e184d8b81ff2e1f704c027a79dfd8873414bc8a7f

poppler-qt5-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: 63420154173f51bd8fe380949ed448d9db7453f9423e43dd7e13a6f70c0e1a19

poppler-qt5-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 7d6343704efdedacdb368af036ba33b0652de168658b28bb2cf48226a58c5505

poppler-qt5-devel-21.01.0-14.el9.i686.rpm

SHA-256: fd1afba416de07db69989e5e9ff52e0907349142c38bef2754bf600f305d3769

poppler-qt5-devel-21.01.0-14.el9.x86_64.rpm

SHA-256: f8e8c08a9173e38a687ab76c9c8713bd9d8b460ca531a126d5e3c2559e7b67ac

poppler-utils-debuginfo-21.01.0-14.el9.i686.rpm

SHA-256: f3662792e6c5353f71b6ed78ebac665b5a74b19231dabdfcb19f811679f25831

poppler-utils-debuginfo-21.01.0-14.el9.x86_64.rpm

SHA-256: 56f6f6324d7df3140771eb0e32c007b0acd10982d2935093c1b9483759620e4f

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM

ppc64le

poppler-cpp-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 9ceff637e8e345bff1d5a45bc305584b7707940739a4f2c9e31e47619c9e8d2f

poppler-cpp-devel-21.01.0-14.el9.ppc64le.rpm

SHA-256: 5c6d46847b3edc8383ee4e0ba88ceb507109e6b8ace2911df0f9d9a5fad062a4

poppler-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 4ab4ec4373af41c2db4d3923a98eec130edf3114b7a354f68dda09d774728c05

poppler-debugsource-21.01.0-14.el9.ppc64le.rpm

SHA-256: f2362d3d565aa99260738603e6022449694478c95e1c7241a4cfdb14ba97f0bf

poppler-devel-21.01.0-14.el9.ppc64le.rpm

SHA-256: 1a0154888f0f5af3f97b0ba381a1e676c78358ff4d3c5b7bdc0d8d51fac2ea09

poppler-glib-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 9cf57fabb4ec488493f4f2a3e5b309ce985960ae5617816522bc82ab33740742

poppler-glib-devel-21.01.0-14.el9.ppc64le.rpm

SHA-256: df3e0c75edc958986900accbd39eed3382a0753cea331baa793d1843c84019d0

poppler-qt5-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 084260442a5f8de65970cbd8b9e37fec71312b6e75dca4ba95288ae7faebd97c

poppler-qt5-devel-21.01.0-14.el9.ppc64le.rpm

SHA-256: 3925e3d5a2642612bea638f2846baa2ea513766483844ee2ff894f61412f1631

poppler-utils-debuginfo-21.01.0-14.el9.ppc64le.rpm

SHA-256: 033cde628f038ab01bb5d66c9323a4cddaceed833a0c84e2c03ed15a337428e0

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM

aarch64

poppler-cpp-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: a264ca72c0ef2ce3d9e46b5c5e608b75a74a8b1bc56b28acc0fb89cdda282cca

poppler-cpp-devel-21.01.0-14.el9.aarch64.rpm

SHA-256: bed4f8c0ac8b2d444ec408bb7c643d70ddd99786f8cf81752c1a078a5c5712e2

poppler-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: ca28e5a018bd5932d1ed8a15eec499895b12eb5fff57c396db1867924fa28ba0

poppler-debugsource-21.01.0-14.el9.aarch64.rpm

SHA-256: db54535c1940fa0393ceee13943da18733956766b9f05c158bd116bcb8003ef5

poppler-devel-21.01.0-14.el9.aarch64.rpm

SHA-256: d12bd519fd71e574d59c22af8025ef4e6c062e8eb81114c2d2f1d7e08a5d6609

poppler-glib-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: ffd2e9c5a908a2fef96d00b61c5cd4aa0da0c5f92a0b7b35cf2c2dd5cc4201f9

poppler-glib-devel-21.01.0-14.el9.aarch64.rpm

SHA-256: f3fb341be136e3b5a589e920c204bba358812844d0243b080fa99b549559ea22

poppler-qt5-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: a53dc9532b0c6e452a6e0082d60d993a702776a6313c6f98d4da01074a99a436

poppler-qt5-devel-21.01.0-14.el9.aarch64.rpm

SHA-256: cdc2cac60f78c4a468a01a7aed8c3d4ccaa4bf3926da0c4fe5d6e36d4fda92a8

poppler-utils-debuginfo-21.01.0-14.el9.aarch64.rpm

SHA-256: f73cebe86751e9dd0d51704e4ffbebaef9434fd21120591f6f070c1372f929ef

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM

s390x

poppler-cpp-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: 90df68d4d671e7f16db2257c0c22c80ebf56d1510b33300377eac7a75408fe5c

poppler-cpp-devel-21.01.0-14.el9.s390x.rpm

SHA-256: 3ff62b57a16678a3dc9b79a7368c5da5aa2187b3ccc488ba94e97c4be4342514

poppler-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: 0d55765dfdf75b873ae1318e673323e7901db7b87de95258ba0bb0bf8cf10751

poppler-debugsource-21.01.0-14.el9.s390x.rpm

SHA-256: 94eb97351e14a0d39fef163d015542b659d0434608e4e5f7502e9183874ddeff

poppler-devel-21.01.0-14.el9.s390x.rpm

SHA-256: de82f79fd80ad7a5695563f5e98eee66acef83f139c32e43d6685ee9c47ab556

poppler-glib-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: a82c027428585159c71678000c9b834f13007a103244f843e7fb63a61dfbd191

poppler-glib-devel-21.01.0-14.el9.s390x.rpm

SHA-256: 101949eeda51bc86471386ac528d5f73bb9ade65223b1486f9325b6f1ee152e9

poppler-qt5-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: baeb2944f3adec24032c2c69c62f8ddc082b8711c42bab6abf59b3350eb92c98

poppler-qt5-devel-21.01.0-14.el9.s390x.rpm

SHA-256: 784636a4e6a66d6fb55c31d84d8102e23854a1876b18acf72284cb9e41edd6d0

poppler-utils-debuginfo-21.01.0-14.el9.s390x.rpm

SHA-256: a6382fa533b68905259c2cd47eb4efebb14f72b14ec4d96405d6b08573b0220e

Related news

RHSA-2023:2810: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38784: An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of ...

Red Hat Security Advisory 2023-2259-01

Red Hat Security Advisory 2023-2259-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include an integer overflow vulnerability.

Gentoo Linux Security Advisory 202209-21

Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.

Ubuntu Security Notice USN-5606-1

Ubuntu Security Notice 5606-1 - It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

CVE-2022-38784: Poppler

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.