In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 16.04 | |
ubuntu_linux | eq | 14.04 | |
ubuntu_linux | eq | 18.04 | |
ubuntu_linux | eq | 18.10 | |
debian_linux | eq | 8.0 | |
poppler | eq | 0.68.0 |
access.redhat.com/errata/RHSA-2019:2022
bugzilla.redhat.com/show_bug.cgi?id=1622951
lists.debian.org/debian-lts-announce/2018/10/msg00024.html
lists.debian.org/debian-lts-announce/2018/11/msg00040.html
lists.debian.org/debian-lts-announce/2018/12/msg00004.html
lists.debian.org/debian-lts-announce/2020/07/msg00018.html
usn.ubuntu.com/3837-1/
usn.ubuntu.com/3837-2/