CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
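
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| mitre | CNA | --- | --- | --- | --- | --- |
| CVE | ADP | --- | --- | --- | --- | --- |
| CISA-ADP | ADP | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
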
EPSS Score percentile: 96%

| Vendor | Product | Version |
|---|---|---|
| artifex | ghostscript | 𝑥 < 10.01.0 |
| debian | debian_linux | 10.0 |
| debian | debian_linux | 11.0 |

𝑥 = Vulnerable software versions

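Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| ghostscript | bullseye | 9.53.3~dfsg-7+deb11u7 | fixed |
| ghostscript | bullseye (security) | 9.53.3~dfsg-7+deb11u9 | fixed |
| ghostscript | bookworm | 10.0.0~dfsg-11+deb12u5 | fixed |
| ghostscript | bookworm (security) | 10.0.0~dfsg-11+deb12u6 | fixed |
| ghostscript | trixie | 10.04.0~dfsg-2 | fixed |
| ghostscript | sid | 10.04.0~dfsg-2 | fixed |
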
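Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| ghostscript | lunar | Fixed 10.0.0~dfsg1-0ubuntu1.1 | released |
| ghostscript | kinetic | Fixed 9.56.1~dfsg1-0ubuntu3.1 | released |
| ghostscript | jammy | Fixed 9.55.0~dfsg1-0ubuntu5.2 | released |
| ghostscript | focal | Fixed 9.50~dfsg-5ubuntu4.7 | released |
| ghostscript | bionic | Fixed 9.26~dfsg+0-0ubuntu0.18.04.18 | released |
| ghostscript | xenial | Fixed 9.26~dfsg+0-0ubuntu0.16.04.14+esm5 | released |
| ghostscript | trusty | | ignored |
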
References