
GhostScript - make sure it is up to date


crp


There is a nasty flaw that can lead to an RCE,

 

https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/

 

Quote

"This vulnerability has significant impact on web-applications and other services offering document conversion and preview functionalities as these often use Ghostscript under the hood."

And when they say other services, they are not talking about web applications but on machine applications and routines.


securitybreach
Quote

While the Ghostscript development team patched the security flaw in May, Codean Labs published a write-up with technical details and proof-of-concept exploit code two months later.

 

https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/

 

This was patched in May when it was originally found.

 


securitybreach

Also, more info:

 

Quote

"If you have ghostscript *anywhere* in your production services, you are probably vulnerable to a shockingly trivial remote shell execution, and you should upgrade it or remove it from your production systems," developer Bill Mill warned.

 

"The best mitigation against this vulnerability is to update your installation of Ghostscript to v10.03.1. If your distribution does not provide the latest Ghostscript version, it might still have released a patch version containing a fix for this vulnerability (e.g., Debian, Ubuntu, Fedora)," Codean Labs added.

 

One year ago, the Ghostscript developers patched another critical RCE flaw (CVE-2023-36664) also triggered by opening maliciously crafted files on unpatched systems.

 


securitybreach

On Arch:

 

Cerberus :: ~ » pacman -Qi ghostscript
Name            : ghostscript
Version         : 10.03.1-1
..........................
Build Date      : Sun 19 May 2024 02:33:25 PM CDT
Install Date    : Sat 25 May 2024 09:17:03 AM CDT


 

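An added example, not part of any post in this thread: a POSIX shell check that compares the version reported by `gs --version` (or a package version string such as the `10.03.1-1` shown above) against 10.03.1, the release the Codean Labs quote names as fixed. The function names and result labels are made up for this example; a lower version is reported as `check-backport` rather than as vulnerable, because the same quote notes that distributions may ship the fix under an older version number.

```shell
#!/bin/sh
# Added example: compare a Ghostscript version string against the fixed
# upstream release named in the thread. Function names are hypothetical.
FIXED_VERSION="10.03.1"

# Print field N (1-3) of a dotted version as a decimal integer.
# - trailing ".." guarantees cut always finds the field (missing -> empty)
# - packaging suffixes such as "-1" or "~dfsg1" are cut off
# - leading zeros are stripped so "08" is not treated as invalid octal
ver_field() {
    f=$(printf '%s..\n' "$1" | cut -d. -f"$2" | sed 's/[^0-9].*$//; s/^0*//')
    printf '%s' "${f:-0}"
}

# Return 0 when version $1 >= version $2, comparing field by field.
version_ge() {
    for i in 1 2 3; do
        a=$(ver_field "$1" "$i")
        b=$(ver_field "$2" "$i")
        if [ "$a" -gt "$b" ]; then return 0; fi
        if [ "$a" -lt "$b" ]; then return 1; fi
    done
    return 0
}

# Print "ok" for a version at or above the fixed release, otherwise
# "check-backport": the distribution's advisory decides whether an
# older version number already carries the patch.
gs_verdict() {
    if version_ge "$1" "$FIXED_VERSION"; then
        echo "ok"
    else
        echo "check-backport"
    fi
}

# Report on the gs binary in PATH, if there is one.
if command -v gs >/dev/null 2>&1; then
    v=$(gs --version)
    echo "gs $v: $(gs_verdict "$v")"
else
    echo "gs not found in PATH"
fi
```

Run it on every host and container image that converts or previews documents, since Ghostscript is often pulled in as a dependency of other tools rather than installed directly.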
