Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-0494-1.NASLHistoryFeb 24, 2023 - 12:00 a.m.
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:0494-1)
2023-02-2400:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
32
suse sles12
security update
poppler
vulnerabilities
remote host
suse linux
advisory
xpdf
heap-based buffer
integer overflow
jbig2 decoder
EPSS
0.003
Percentile
65.3%
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0494-1 advisory.
-
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed- length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. (CVE-2019-13283)
-
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. (CVE-2022-38784)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:0494-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(171892);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");
script_cve_id("CVE-2019-13283", "CVE-2022-38784");
script_xref(name:"SuSE", value:"SUSE-SU-2023:0494-1");
script_name(english:"SUSE SLES12 Security Update : poppler (SUSE-SU-2023:0494-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2023:0494-1 advisory.
- In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in
fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-
length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It
allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or
possibly have unspecified other impact. (CVE-2019-13283)
- Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder
(JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2
image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability
described by CVE-2022-38171 in Xpdf. (CVE-2022-38784)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1140877");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202692");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13283");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-38784");
# https://lists.suse.com/pipermail/sle-security-updates/2023-February/013873.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cf4c212e");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13283");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-38784");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/04");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-cpp0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-glib-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-glib8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-qt4-4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-qt4-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler60");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:poppler-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:typelib-1_0-Poppler-0_18");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP2/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP4/5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},
{'reference':'libpoppler-cpp0-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-glib-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-qt4-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'typelib-1_0-Poppler-0_18-0.43.0-16.22.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libpoppler-cpp0-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libpoppler-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libpoppler-glib-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libpoppler-qt4-devel-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'typelib-1_0-Poppler-0_18-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'libpoppler-glib8-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'libpoppler-qt4-4-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'libpoppler60-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']},
{'reference':'poppler-tools-0.43.0-16.22.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
var ltss_plugin_caveat = NULL;
if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc');
}
Related
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:0480-1)
2023-02-23 00:00:00
EulerOS 2.0 SP8 : poppler (EulerOS-SA-2022-2801)
2022-12-08 00:00:00
EulerOS Virtualization 3.0.6.6 : poppler (EulerOS-SA-2023-2414)
2023-07-26 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0494-1)
2023-03-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0480-1)
2023-03-28 00:00:00
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2022-2801)
2022-12-09 00:00:00
debiancve
debiancve
CVE-2022-38784
2022-08-30 03:15:07
CVE-2019-13283
2019-07-04 20:15:10
alpinelinux
alpinelinux
CVE-2022-38784
2022-08-30 03:15:07
CVE-2022-38171
2022-08-22 19:15:11
ubuntucve
ubuntucve
prion
prion
Integer overflow
2022-08-30 03:15:00
Heap overflow
2019-07-04 20:15:00
Integer overflow
2022-08-22 19:15:00
cve
cve
nvd
nvd
mageia
mageia
Updated poppler packages fix security vulnerability
2022-10-24 01:48:35
Updated xpdf packages fix security vulnerability
2022-09-07 08:27:53
cvelist
cvelist
osv
osv
CVE-2022-38784
2022-08-30 03:15:07
Moderate: poppler security update
2023-05-18 19:17:56
Moderate: poppler security update
2023-05-16 00:00:00
amazon
amazon
Medium: poppler
2023-06-05 16:39:00
redhatcve
redhatcve
CVE-2022-38784
2022-09-07 15:49:05
almalinux
almalinux
Moderate: poppler security and bug fix update
2023-05-09 00:00:00
Moderate: poppler security update
2023-05-16 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: poppler-22.08.0-2.fc37
2022-10-10 00:18:48
[SECURITY] Fedora 35 Update: poppler-21.08.0-3.fc35
2022-10-20 15:52:00
[SECURITY] Fedora 36 Update: poppler-22.01.0-6.fc36
2022-10-07 15:57:10
rocky
rocky
poppler security update
2023-05-18 19:17:56
redhat
redhat
(RHSA-2023:2259) Moderate: poppler security and bug fix update
2023-05-09 05:05:14
(RHSA-2023:2810) Moderate: poppler security update
2023-05-16 05:55:15
oraclelinux
oraclelinux
poppler security and bug fix update
2023-05-15 00:00:00
poppler security update
2023-05-24 00:00:00
redos
redos
ROS-20220926-02
2022-09-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-08-30 07:22:01
Integer Overflow
2024-04-10 18:25:44
ubuntu
ubuntu
poppler vulnerability
2022-09-12 00:00:00
poppler vulnerabilities
2020-11-25 00:00:00
gentoo
gentoo
Poppler: Arbitrary Code Execution
2022-09-29 00:00:00
Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00
debian
debian
[SECURITY] [DSA 5224-1] poppler security update
2022-09-06 19:32:19
[SECURITY] [DLA 3120-1] poppler security update
2022-09-25 22:47:37
attackerkb
attackerkb
CVE-2022-38171
2022-04-19 00:00:00
altlinux
altlinux