Lucene search
Redhat.comRH:CVE-2024-29507HistoryJul 03, 2024 - 10:21 p.m.
CVE-2024-29507
2024-07-0322:21:06
redhat.com
access.redhat.com
10
artifex ghostscript
stack-based buffer overflow
cve-2024-29507
cidfsubstpath
cidfsubstfont
A flaw was found in Ghostscript. Under specific conditions, the cidfsubstpath and cidfsubstfont parameters set by corresponding Postscript objects are used to load substitute fonts in pdfi_open_CIDFont_substitute_file. The values are copied via memcpy into the fontfname buffer without bounds checks. This flaw allows an attacker to pass values larger than the buffer size to trigger a stack buffer overflow, leading to a denial of service or other unexpected behavior.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Related
nvd
nvd
CVE-2024-29507
2024-07-03 19:15:03
cvelist
cvelist
CVE-2024-29507
2024-07-03 00:00:00
vulnrichment
vulnrichment
CVE-2024-29507
2024-07-03 00:00:00
osv
osv
CVE-2024-29507
2024-07-03 19:15:03
ghostscript - security update
2024-08-29 00:00:00
ghostscript vulnerabilities
2024-07-15 11:27:33
ubuntucve
ubuntucve
CVE-2024-29507
2024-07-03 00:00:00
debiancve
debiancve
CVE-2024-29507
2024-07-03 19:15:03
cve
cve
CVE-2024-29507
2024-07-03 19:15:03
nessus
nessus
Debian dsa-5760 : ghostscript - security update
2024-08-29 00:00:00
Fedora 40 : ghostscript (2024-053b8330a1)
2024-07-23 00:00:00
Fedora 39 : ghostscript (2024-52192927d8)
2024-07-24 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5760-1)
2024-08-30 00:00:00
Fedora: Security Advisory (FEDORA-2024-053b8330a1)
2024-08-06 00:00:00
Ubuntu: Security Advisory (USN-6897-1)
2024-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: ghostscript-10.02.1-12.fc40
2024-07-23 14:06:07
[SECURITY] Fedora 39 Update: ghostscript-10.02.1-7.fc39
2024-07-24 12:12:31
ubuntu
ubuntu
Ghostscript vulnerabilities
2024-07-15 00:00:00