Headline
RHSA-2023:2259: Red Hat Security Advisory: poppler security and bug fix update
An update for poppler is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-38784: An integer overflow issue was discovered in Popplers’ JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of arbitrary code on the target system.
Synopsis
Moderate: poppler security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for poppler is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.
Security Fix(es):
- poppler: integer overflow in JBIG2 decoder using malformed files (CVE-2022-38784)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2124527 - CVE-2022-38784 poppler: integer overflow in JBIG2 decoder using malformed files
- BZ - 2144768 - Please add various devel packages to CRB 9 to build Scribus in EPEL
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
Red Hat Enterprise Linux for x86_64 9
SRPM
poppler-21.01.0-14.el9.src.rpm
SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2
x86_64
poppler-21.01.0-14.el9.i686.rpm
SHA-256: 38df87cfaaeeb44cf4c7d8d416e723980b0322106da6133a000e08fc6e1a33b3
poppler-21.01.0-14.el9.x86_64.rpm
SHA-256: 4f517e3ea064239a68f55017c34de1e5d9f98f3c052dac3c47f5af9969066f66
poppler-cpp-21.01.0-14.el9.i686.rpm
SHA-256: 0d0f3f6e0556b2c922c3d835b34788938020b86fa9712aa85ef83caab03484db
poppler-cpp-21.01.0-14.el9.x86_64.rpm
SHA-256: 406e36013797ddd2b43f1e4e92c57c86cdd8310961059f51678ecbe2e338876e
poppler-cpp-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 0e4d3755e7a40075bed3edf020a2766ab614c08cce6807d9c2f5d6374bca5c3a
poppler-cpp-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 1396d64e14d19dafe2641906047d350d09bbe8a000d4c5a094d964ebb7ba3565
poppler-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: a59cd8121d1f3556d7ce28fd7420c75d699467e1fbe85cf963f320aea8a9b8e0
poppler-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 7f3edea56f9d3024e545f487a8a96cd65348c9f83b1c1d11ed32420cd8467c41
poppler-debugsource-21.01.0-14.el9.i686.rpm
SHA-256: 4d6ea426da21f12ccd2145753e97607c5340b1559eb42361e0713c75d0fd53a0
poppler-debugsource-21.01.0-14.el9.x86_64.rpm
SHA-256: ce78f87c95cd820c308b9bba376daf09fde096d09bb3e3873aff4cb17e4887e8
poppler-glib-21.01.0-14.el9.i686.rpm
SHA-256: 98160ab2a78bddf3941b598805e7766052638f8061ac4a311e368b3214bf2052
poppler-glib-21.01.0-14.el9.x86_64.rpm
SHA-256: 31bbfa638b46c3859b7a445c55b4a61a06424ff172b19e186eaaa7a0936c884a
poppler-glib-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 43f0c8ff89972400664cfe51c06081be6fa1ab960c0e28f4e217f340c8777fb2
poppler-glib-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 61a8592f03e1d6f5c58150d3e786b87d3634411a03ed13bf15cfde3f397ed4a9
poppler-qt5-21.01.0-14.el9.i686.rpm
SHA-256: d727ee3d48c6f934301654fcd2a4f2ecbaa783212f5cbcd43ed7a4e658b872f3
poppler-qt5-21.01.0-14.el9.x86_64.rpm
SHA-256: 58d0208612ab886ba0d857baddfa9e95d7bc4976092e32b8899e6c1e87933be3
poppler-qt5-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 63420154173f51bd8fe380949ed448d9db7453f9423e43dd7e13a6f70c0e1a19
poppler-qt5-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 7d6343704efdedacdb368af036ba33b0652de168658b28bb2cf48226a58c5505
poppler-utils-21.01.0-14.el9.x86_64.rpm
SHA-256: 5d569f165f819e1ec78dcd07dae7a17adf7df9aa5ec2fc8a335d389660bb8291
poppler-utils-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: f3662792e6c5353f71b6ed78ebac665b5a74b19231dabdfcb19f811679f25831
poppler-utils-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 56f6f6324d7df3140771eb0e32c007b0acd10982d2935093c1b9483759620e4f
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
poppler-21.01.0-14.el9.src.rpm
SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2
s390x
poppler-21.01.0-14.el9.s390x.rpm
SHA-256: 7e91b6b6af5faf9a51fd950e62dc3878ac86d689d0fac1f66d74fe2ab96106f2
poppler-cpp-21.01.0-14.el9.s390x.rpm
SHA-256: c90387a2118f363e31887d9667c51104b1e4be073f227795b1028540120cc0cd
poppler-cpp-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: 90df68d4d671e7f16db2257c0c22c80ebf56d1510b33300377eac7a75408fe5c
poppler-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: 0d55765dfdf75b873ae1318e673323e7901db7b87de95258ba0bb0bf8cf10751
poppler-debugsource-21.01.0-14.el9.s390x.rpm
SHA-256: 94eb97351e14a0d39fef163d015542b659d0434608e4e5f7502e9183874ddeff
poppler-glib-21.01.0-14.el9.s390x.rpm
SHA-256: dae2667038e7e871e3a3754c52a86939ba553e1e6d6dbeab3a80a49b58599779
poppler-glib-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: a82c027428585159c71678000c9b834f13007a103244f843e7fb63a61dfbd191
poppler-qt5-21.01.0-14.el9.s390x.rpm
SHA-256: 49e3263b057f7c0e24fe1afa4ecccc8e43a938fd4b4ed584c15e009a804c37f7
poppler-qt5-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: baeb2944f3adec24032c2c69c62f8ddc082b8711c42bab6abf59b3350eb92c98
poppler-utils-21.01.0-14.el9.s390x.rpm
SHA-256: 8d1d99cfafe08e22680a9f379373dccd1ca5034731ce1a724d803a3ee652f58c
poppler-utils-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: a6382fa533b68905259c2cd47eb4efebb14f72b14ec4d96405d6b08573b0220e
Red Hat Enterprise Linux for Power, little endian 9
SRPM
poppler-21.01.0-14.el9.src.rpm
SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2
ppc64le
poppler-21.01.0-14.el9.ppc64le.rpm
SHA-256: e0ed73ca3afb9ff597662211eb0407adb46fcc719fc36d1c192d14b2cb29d726
poppler-cpp-21.01.0-14.el9.ppc64le.rpm
SHA-256: a6268ce0549570289f9566031da67fb3ae032e15be9b1e9e018b676a0cef3f80
poppler-cpp-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 9ceff637e8e345bff1d5a45bc305584b7707940739a4f2c9e31e47619c9e8d2f
poppler-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 4ab4ec4373af41c2db4d3923a98eec130edf3114b7a354f68dda09d774728c05
poppler-debugsource-21.01.0-14.el9.ppc64le.rpm
SHA-256: f2362d3d565aa99260738603e6022449694478c95e1c7241a4cfdb14ba97f0bf
poppler-glib-21.01.0-14.el9.ppc64le.rpm
SHA-256: 3ea46402b4a057e0c5effdd024f362b18f7ff3b4553ebaf462d5864a80d4d2c0
poppler-glib-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 9cf57fabb4ec488493f4f2a3e5b309ce985960ae5617816522bc82ab33740742
poppler-qt5-21.01.0-14.el9.ppc64le.rpm
SHA-256: 12d2d81c526226dfdad1ee20c40b9ffaf5efd3cce3ca762cbf6ac668b427f3fd
poppler-qt5-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 084260442a5f8de65970cbd8b9e37fec71312b6e75dca4ba95288ae7faebd97c
poppler-utils-21.01.0-14.el9.ppc64le.rpm
SHA-256: 1cc0175fb2f9b6a74a45b16a995c7035d93adeeabf847e15198dda83ba648c0c
poppler-utils-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 033cde628f038ab01bb5d66c9323a4cddaceed833a0c84e2c03ed15a337428e0
Red Hat Enterprise Linux for ARM 64 9
SRPM
poppler-21.01.0-14.el9.src.rpm
SHA-256: ef3e47d9691f7470e7e3f4d8b72f9696cb92fff91042e2f8d2d624df4fe621f2
aarch64
poppler-21.01.0-14.el9.aarch64.rpm
SHA-256: d19cd601b874e8a48cfdd0b05f9b9162828b48b14bf5ca87160a65039b7df89a
poppler-cpp-21.01.0-14.el9.aarch64.rpm
SHA-256: 867f7a553646740312113bfa9fc2d43922c170de53300472e58f400111406a26
poppler-cpp-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: a264ca72c0ef2ce3d9e46b5c5e608b75a74a8b1bc56b28acc0fb89cdda282cca
poppler-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: ca28e5a018bd5932d1ed8a15eec499895b12eb5fff57c396db1867924fa28ba0
poppler-debugsource-21.01.0-14.el9.aarch64.rpm
SHA-256: db54535c1940fa0393ceee13943da18733956766b9f05c158bd116bcb8003ef5
poppler-glib-21.01.0-14.el9.aarch64.rpm
SHA-256: c26e5b5220572b384ff32613f45dd26df3d4aa7724391d570387d4614077d726
poppler-glib-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: ffd2e9c5a908a2fef96d00b61c5cd4aa0da0c5f92a0b7b35cf2c2dd5cc4201f9
poppler-qt5-21.01.0-14.el9.aarch64.rpm
SHA-256: ca5e665a8071ff07f728ec0ececad1b06007f36ad08f83602130adfe50a5e9c6
poppler-qt5-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: a53dc9532b0c6e452a6e0082d60d993a702776a6313c6f98d4da01074a99a436
poppler-utils-21.01.0-14.el9.aarch64.rpm
SHA-256: 77829951cf175450d470387d1789482eac65bada10fc31e0181d427cc7270c99
poppler-utils-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: f73cebe86751e9dd0d51704e4ffbebaef9434fd21120591f6f070c1372f929ef
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
poppler-cpp-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 0e4d3755e7a40075bed3edf020a2766ab614c08cce6807d9c2f5d6374bca5c3a
poppler-cpp-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 1396d64e14d19dafe2641906047d350d09bbe8a000d4c5a094d964ebb7ba3565
poppler-cpp-devel-21.01.0-14.el9.i686.rpm
SHA-256: d93b1113084513c99cff33b8927238c65f8ea1d80c553a5e57a89c3cad05ab72
poppler-cpp-devel-21.01.0-14.el9.x86_64.rpm
SHA-256: 5e6261d57d064b6732848fb202ef12ab8202242a54d8bf5160cbb6bdf9633cbf
poppler-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: a59cd8121d1f3556d7ce28fd7420c75d699467e1fbe85cf963f320aea8a9b8e0
poppler-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 7f3edea56f9d3024e545f487a8a96cd65348c9f83b1c1d11ed32420cd8467c41
poppler-debugsource-21.01.0-14.el9.i686.rpm
SHA-256: 4d6ea426da21f12ccd2145753e97607c5340b1559eb42361e0713c75d0fd53a0
poppler-debugsource-21.01.0-14.el9.x86_64.rpm
SHA-256: ce78f87c95cd820c308b9bba376daf09fde096d09bb3e3873aff4cb17e4887e8
poppler-devel-21.01.0-14.el9.i686.rpm
SHA-256: 80a4278b09d01f3f994640533c22f7870b9267ae53b3b0ea36a48da209c4759d
poppler-devel-21.01.0-14.el9.x86_64.rpm
SHA-256: ea2a76295712235fc24a2eb948f9a6e3195d83c3ea5ed9db62710f331d360544
poppler-glib-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 43f0c8ff89972400664cfe51c06081be6fa1ab960c0e28f4e217f340c8777fb2
poppler-glib-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 61a8592f03e1d6f5c58150d3e786b87d3634411a03ed13bf15cfde3f397ed4a9
poppler-glib-devel-21.01.0-14.el9.i686.rpm
SHA-256: 2625da156e35706a9988aaeeb5bcdcbae99f04169f59d7aa2ab552bde8c167ff
poppler-glib-devel-21.01.0-14.el9.x86_64.rpm
SHA-256: 00b4b9539dd03bd64eb3855e184d8b81ff2e1f704c027a79dfd8873414bc8a7f
poppler-qt5-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: 63420154173f51bd8fe380949ed448d9db7453f9423e43dd7e13a6f70c0e1a19
poppler-qt5-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 7d6343704efdedacdb368af036ba33b0652de168658b28bb2cf48226a58c5505
poppler-qt5-devel-21.01.0-14.el9.i686.rpm
SHA-256: fd1afba416de07db69989e5e9ff52e0907349142c38bef2754bf600f305d3769
poppler-qt5-devel-21.01.0-14.el9.x86_64.rpm
SHA-256: f8e8c08a9173e38a687ab76c9c8713bd9d8b460ca531a126d5e3c2559e7b67ac
poppler-utils-debuginfo-21.01.0-14.el9.i686.rpm
SHA-256: f3662792e6c5353f71b6ed78ebac665b5a74b19231dabdfcb19f811679f25831
poppler-utils-debuginfo-21.01.0-14.el9.x86_64.rpm
SHA-256: 56f6f6324d7df3140771eb0e32c007b0acd10982d2935093c1b9483759620e4f
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
poppler-cpp-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 9ceff637e8e345bff1d5a45bc305584b7707940739a4f2c9e31e47619c9e8d2f
poppler-cpp-devel-21.01.0-14.el9.ppc64le.rpm
SHA-256: 5c6d46847b3edc8383ee4e0ba88ceb507109e6b8ace2911df0f9d9a5fad062a4
poppler-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 4ab4ec4373af41c2db4d3923a98eec130edf3114b7a354f68dda09d774728c05
poppler-debugsource-21.01.0-14.el9.ppc64le.rpm
SHA-256: f2362d3d565aa99260738603e6022449694478c95e1c7241a4cfdb14ba97f0bf
poppler-devel-21.01.0-14.el9.ppc64le.rpm
SHA-256: 1a0154888f0f5af3f97b0ba381a1e676c78358ff4d3c5b7bdc0d8d51fac2ea09
poppler-glib-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 9cf57fabb4ec488493f4f2a3e5b309ce985960ae5617816522bc82ab33740742
poppler-glib-devel-21.01.0-14.el9.ppc64le.rpm
SHA-256: df3e0c75edc958986900accbd39eed3382a0753cea331baa793d1843c84019d0
poppler-qt5-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 084260442a5f8de65970cbd8b9e37fec71312b6e75dca4ba95288ae7faebd97c
poppler-qt5-devel-21.01.0-14.el9.ppc64le.rpm
SHA-256: 3925e3d5a2642612bea638f2846baa2ea513766483844ee2ff894f61412f1631
poppler-utils-debuginfo-21.01.0-14.el9.ppc64le.rpm
SHA-256: 033cde628f038ab01bb5d66c9323a4cddaceed833a0c84e2c03ed15a337428e0
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
poppler-cpp-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: a264ca72c0ef2ce3d9e46b5c5e608b75a74a8b1bc56b28acc0fb89cdda282cca
poppler-cpp-devel-21.01.0-14.el9.aarch64.rpm
SHA-256: bed4f8c0ac8b2d444ec408bb7c643d70ddd99786f8cf81752c1a078a5c5712e2
poppler-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: ca28e5a018bd5932d1ed8a15eec499895b12eb5fff57c396db1867924fa28ba0
poppler-debugsource-21.01.0-14.el9.aarch64.rpm
SHA-256: db54535c1940fa0393ceee13943da18733956766b9f05c158bd116bcb8003ef5
poppler-devel-21.01.0-14.el9.aarch64.rpm
SHA-256: d12bd519fd71e574d59c22af8025ef4e6c062e8eb81114c2d2f1d7e08a5d6609
poppler-glib-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: ffd2e9c5a908a2fef96d00b61c5cd4aa0da0c5f92a0b7b35cf2c2dd5cc4201f9
poppler-glib-devel-21.01.0-14.el9.aarch64.rpm
SHA-256: f3fb341be136e3b5a589e920c204bba358812844d0243b080fa99b549559ea22
poppler-qt5-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: a53dc9532b0c6e452a6e0082d60d993a702776a6313c6f98d4da01074a99a436
poppler-qt5-devel-21.01.0-14.el9.aarch64.rpm
SHA-256: cdc2cac60f78c4a468a01a7aed8c3d4ccaa4bf3926da0c4fe5d6e36d4fda92a8
poppler-utils-debuginfo-21.01.0-14.el9.aarch64.rpm
SHA-256: f73cebe86751e9dd0d51704e4ffbebaef9434fd21120591f6f070c1372f929ef
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
poppler-cpp-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: 90df68d4d671e7f16db2257c0c22c80ebf56d1510b33300377eac7a75408fe5c
poppler-cpp-devel-21.01.0-14.el9.s390x.rpm
SHA-256: 3ff62b57a16678a3dc9b79a7368c5da5aa2187b3ccc488ba94e97c4be4342514
poppler-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: 0d55765dfdf75b873ae1318e673323e7901db7b87de95258ba0bb0bf8cf10751
poppler-debugsource-21.01.0-14.el9.s390x.rpm
SHA-256: 94eb97351e14a0d39fef163d015542b659d0434608e4e5f7502e9183874ddeff
poppler-devel-21.01.0-14.el9.s390x.rpm
SHA-256: de82f79fd80ad7a5695563f5e98eee66acef83f139c32e43d6685ee9c47ab556
poppler-glib-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: a82c027428585159c71678000c9b834f13007a103244f843e7fb63a61dfbd191
poppler-glib-devel-21.01.0-14.el9.s390x.rpm
SHA-256: 101949eeda51bc86471386ac528d5f73bb9ade65223b1486f9325b6f1ee152e9
poppler-qt5-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: baeb2944f3adec24032c2c69c62f8ddc082b8711c42bab6abf59b3350eb92c98
poppler-qt5-devel-21.01.0-14.el9.s390x.rpm
SHA-256: 784636a4e6a66d6fb55c31d84d8102e23854a1876b18acf72284cb9e41edd6d0
poppler-utils-debuginfo-21.01.0-14.el9.s390x.rpm
SHA-256: a6382fa533b68905259c2cd47eb4efebb14f72b14ec4d96405d6b08573b0220e
Related news
An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38784: An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of ...
Red Hat Security Advisory 2023-2259-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include an integer overflow vulnerability.
Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.
Ubuntu Security Notice 5606-1 - It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.