CVE-2019-3838
Advisory lineage Upstream: 0 Downstream: 14
Modified
Published: 25 Mar 2019, 18:30
Last modified:04 Aug 2024, 19:19
Vulnerability Summary
Overall Risk (default)
medium
29/100 CVSS Score
7.3 HIGH
v3.0 (cve.org)
EPSS Score
1.36% LOW
1% probability -0.02%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
25 Mar 2019, 18:30
Published
Vulnerability first disclosed
04 Aug 2024, 19:19
Last Modified
Vulnerability information updated
Description
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- v3.0•HIGH•Score: 7.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 1.36%• Percentile: 81%
Techniques & Countermeasures
- CWE-648•Incorrect Use of Privileged APIs
The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly.
Affected Systems
- Unknown•Ghostscript
< 9.27
- debian•debian_linux
8.0 | 9.0
- fedoraproject•fedora
28 | 29 | 30
- opensuse•leap
15.0 | 42.3
- redhat•ansible_tower
3.3
- redhat•enterprise_linux
5.0 | 6.0
- redhat•enterprise_linux_desktop
7.0
- redhat•enterprise_linux_server
7.0
- redhat•enterprise_linux_server_aus
7.6
- redhat•enterprise_linux_server_eus
7.6
- redhat•enterprise_linux_server_tus
7.6
- redhat•enterprise_linux_workstation
7.0
- the ghostscript project•ghostscript
9.27
References (15)
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3838
- https://bugs.ghostscript.com/show_bug.cgi?id=700576
- https://access.redhat.com/errata/RHSA-2019:0652
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVERLGEU3OV6RNZ2SIBXREWD3BF5H23N/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANBSCZABXQUEQWIKNWJ35IYX24M227EI/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00018.html
- https://seclists.org/bugtraq/2019/Apr/4
- http://packetstormsecurity.com/files/152367/Slackware-Security-Advisory-ghostscript-Updates.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A43SRQAEHQCKSEMIBINHUNIGHTDCZD7F/
- https://www.debian.org/security/2019/dsa-4432
- https://seclists.org/bugtraq/2019/Apr/28
- https://lists.debian.org/debian-lts-announce/2019/04/msg00021.html
- https://access.redhat.com/errata/RHSA-2019:0971
- https://security.gentoo.org/glsa/202004-03