CVE-2018-19475

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
artifexghostscript
𝑥
< 9.26
debiandebian_linux
8.0
debiandebian_linux
9.0
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
redhatopenshift_container_platform
3.11
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server
7.6
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_eus
7.6
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ghostscript
bullseye
9.53.3~dfsg-7+deb11u7
fixed
bullseye (security)
9.53.3~dfsg-7+deb11u8
fixed
bookworm
10.0.0~dfsg-11+deb12u4
fixed
bookworm (security)
10.0.0~dfsg-11+deb12u5
fixed
sid
10.04.0~dfsg-1
fixed
trixie
10.04.0~dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ghostscript
cosmic
Fixed 9.26~dfsg+0-0ubuntu0.18.10.1
released
bionic
Fixed 9.26~dfsg+0-0ubuntu0.18.04.1
released
xenial
Fixed 9.26~dfsg+0-0ubuntu0.16.04.1
released
trusty
Fixed 9.26~dfsg+0-0ubuntu0.14.04.1
released
References
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=aeea342904978c9fe17d85f4906a0f6fcce2d315
http://www.securityfocus.com/bid/106154
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2019:0229
https://bugs.ghostscript.com/show_bug.cgi?id=700153
https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html
https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf
https://usn.ubuntu.com/3831-1/
https://www.debian.org/security/2018/dsa-4346
https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e
http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=aeea342904978c9fe17d85f4906a0f6fcce2d315
http://www.securityfocus.com/bid/106154
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2019:0229
https://bugs.ghostscript.com/show_bug.cgi?id=700153
https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html
https://semmle.com/news/semmle-discovers-severe-vulnerability-ghostscript-postscript-pdf
https://usn.ubuntu.com/3831-1/
https://www.debian.org/security/2018/dsa-4346
https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26