CVE-2023-28879

EUVD-2023-32499
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
artifexghostscript
𝑥
< 10.01.0
debiandebian_linux
10.0
debiandebian_linux
11.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ghostscript
bookworm
10.0.0~dfsg-11+deb12u5
fixed
bookworm (security)
10.0.0~dfsg-11+deb12u6
fixed
bullseye
9.53.3~dfsg-7+deb11u7
fixed
bullseye (security)
9.53.3~dfsg-7+deb11u9
fixed
sid
10.04.0~dfsg-2
fixed
trixie
10.04.0~dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ghostscript
bionic
Fixed 9.26~dfsg+0-0ubuntu0.18.04.18
released
focal
Fixed 9.50~dfsg-5ubuntu4.7
released
jammy
Fixed 9.55.0~dfsg1-0ubuntu5.2
released
kinetic
Fixed 9.56.1~dfsg1-0ubuntu3.1
released
lunar
Fixed 10.0.0~dfsg1-0ubuntu1.1
released
trusty
ignored
xenial
Fixed 9.26~dfsg+0-0ubuntu0.16.04.14+esm5
released
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2023/04/12/4
https://bugs.ghostscript.com/show_bug.cgi?id=706494
https://ghostscript.readthedocs.io/en/latest/News.html
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=37ed5022cecd584de868933b5b60da2e995b3179
https://lists.debian.org/debian-lts-announce/2023/04/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CI6UCKM3XMK7PYNIRGAVDJ5VKN6XYZOE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHJX62KSRIOBZA6FKONMJP7MEFY7LTH2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MADLP3GWJFLLFVNZGEDNPMDQR6CCXAHN/
https://security.gentoo.org/glsa/202309-03
https://www.debian.org/security/2023/dsa-5383
http://www.openwall.com/lists/oss-security/2023/04/12/4
https://bugs.ghostscript.com/show_bug.cgi?id=706494
https://ghostscript.readthedocs.io/en/latest/News.html
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=37ed5022cecd584de868933b5b60da2e995b3179
https://lists.debian.org/debian-lts-announce/2023/04/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CI6UCKM3XMK7PYNIRGAVDJ5VKN6XYZOE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHJX62KSRIOBZA6FKONMJP7MEFY7LTH2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MADLP3GWJFLLFVNZGEDNPMDQR6CCXAHN/
https://security.gentoo.org/glsa/202309-03
https://www.debian.org/security/2023/dsa-5383