ALAS-2024-692


Amazon Linux 2023 Security Advisory: ALAS-2024-692
Advisory Release Date: 2024-08-01 04:06 Pacific
Advisory Updated Date: 2024-08-06 15:00 Pacific
Severity: Medium

Issue Overview:

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. (CVE-2024-29506)

Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. (CVE-2024-29507)

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. (CVE-2024-29508)

Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. (CVE-2024-29509)

Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitrary file reading (and writing of error messages to arbitrary files) via OCRLanguage. For example, exploitation can use debug_file /tmp/out and user_patterns_file /etc/passwd. (CVE-2024-29511)


Affected Packages:

ghostscript


Issue Correction:
Run dnf update ghostscript --releasever 2023.5.20240805 to update your system.

New Packages:
aarch64:
    ghostscript-debuginfo-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-x11-9.56.1-7.amzn2023.0.9.aarch64
    libgs-devel-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-gtk-debuginfo-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-tools-fonts-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-gtk-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-tools-dvipdf-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-x11-debuginfo-9.56.1-7.amzn2023.0.9.aarch64
    libgs-debuginfo-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-tools-printing-9.56.1-7.amzn2023.0.9.aarch64
    libgs-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-9.56.1-7.amzn2023.0.9.aarch64
    ghostscript-debugsource-9.56.1-7.amzn2023.0.9.aarch64

noarch:
    ghostscript-doc-9.56.1-7.amzn2023.0.9.noarch

src:
    ghostscript-9.56.1-7.amzn2023.0.9.src

x86_64:
    ghostscript-x11-debuginfo-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-x11-9.56.1-7.amzn2023.0.9.x86_64
    libgs-devel-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-gtk-debuginfo-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-debuginfo-9.56.1-7.amzn2023.0.9.x86_64
    libgs-debuginfo-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-tools-dvipdf-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-tools-printing-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-tools-fonts-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-gtk-9.56.1-7.amzn2023.0.9.x86_64
    libgs-9.56.1-7.amzn2023.0.9.x86_64
    ghostscript-debugsource-9.56.1-7.amzn2023.0.9.x86_64
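
Added example (not part of the original advisory): a check that a host's ghostscript and libgs packages are at or above the fixed build 9.56.1-7.amzn2023.0.9 listed under New Packages. It compares the package version-release rather than the upstream thresholds (10.03.0 / 10.03.1), since the fixed packages here are still 9.56.1. The function names are hypothetical, and GNU `sort -V` is assumed as an approximation of RPM version ordering.

```shell
#!/bin/sh
# Fixed build taken from the advisory's "New Packages" list.
FIXED_VR="9.56.1-7.amzn2023.0.9"

# vr_is_fixed VERSION-RELEASE
# Succeeds when the given build is at or above FIXED_VR.
# Assumption: GNU `sort -V` ordering stands in for RPM's comparison, which is
# adequate for builds that differ only in numeric fields, as these do.
vr_is_fixed() {
    [ "$1" = "$FIXED_VR" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$FIXED_VR" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_VR" ]
}

# audit_ghostscript
# Reads "name version-release" lines on stdin, ignores packages outside the
# advisory (ghostscript*, libgs*), and prints each one below the fixed build.
# Returns 1 if any package still needs the update, 0 otherwise.
audit_ghostscript() {
    vulnerable=0
    while read -r name vr; do
        case "$name" in
            ghostscript|ghostscript-*|libgs|libgs-*) ;;
            *) continue ;;
        esac
        if ! vr_is_fixed "$vr"; then
            echo "NEEDS UPDATE: $name $vr (fixed in $FIXED_VR)"
            vulnerable=1
        fi
    done
    return "$vulnerable"
}

# On a live Amazon Linux 2023 host, feed it the installed package set:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | audit_ghostscript
```

A non-zero exit status means at least one listed package is still below the fixed build and the `dnf update` from Issue Correction has not taken effect on that host.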