Description
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
References (11)
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2018/dsa-4346
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0229
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3831-1/
Patch x_refsource_misc
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://bugs.ghostscript.com/show_bug.cgi?id=700153
Exploit, Mitigation, Third Party Advisory x_refsource_misc
https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106154
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html
Release Notes, Vendor Advisory x_refsource_misc
https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26
Patch x_refsource_misc
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=aeea342904978c9fe17d85f4906a0f6fcce2d315
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHBA-2019:0327
Scores
CVSS v3: 7.8
EPSS: 0.6528
EPSS Percentile: 98.5%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
Status: published
Products (15)
artifex/ghostscript < 9.26
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 18.10
debian/debian_linux 8.0
debian/debian_linux 9.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_server 7.6
... and 5 more
Published: Nov 23, 2018
Tracked Since: Feb 18, 2026