USN-6897-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 15 Jul 2024, 11:27
Last modified:22 Apr 2026, 10:49

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

15 Jul 2024, 11:27
Published
Vulnerability first disclosed
22 Apr 2026, 10:49
Last Modified
Vulnerability information updated

Description

ghostscript vulnerabilities It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29506) It was discovered that Ghostscript incorrectly handled certain API parameters. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29507) It was discovered that Ghostscript incorrectly handled certain BaseFont names. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-29508) It was discovered that Ghostscript incorrectly handled certain PDF passwords that contained NULL bytes. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29509) It was discovered that Ghostscript incorrectly handled certain certain file paths when doing OCR. An attacker could use this issue to read arbitrary files and write error messages to arbitrary files. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29511)

Affected Systems

  • ubuntughostscript

    < 9.50~dfsg-5ubuntu4.13 | < 9.55.0~dfsg1-0ubuntu5.9 | < 10.02.1~dfsg1-0ubuntu7.3

References (6)