The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
Please refer to the "Mitigation" section of CVE-2018-16509 : <https://access.redhat.com/security/cve/cve-2018-16509>