Mageia 6 MGASA-2018-0465 Critical: Poppler Denial Of Service Issues
mageia
November 22, 2018
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file
Summary
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause
infinite recursion via a crafted file. A remote attacker can leverage
this for a DoS attack. (CVE-2018-16646)
An issue was discovered in Poppler 0.71.0. There is a reachable abort in
Object.h, will lead to denial of service because EmbFile::save2 in
FileSpec.cc lacks a stream check before saving an embedded file.
(CVE-2018-19058)
An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read
in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as
demonstrated by utils/pdfdetach.cc not validating embedded files before
save attempts. (CVE-2018-19059)
An issue was discovered in Poppler 0.71.0. There is a NULL pointer
dereference in goo/GooString.h, will lead to denial of service, as
demonstrated by utils/pdfdetach.cc not validating a filename of an
embedded file before constructing a save path. (CVE-2018-19060)
References
- https://bugs.mageia.org/show_bug.cgi?id=23865
- https://www.cve.org/CVERecord?id=CVE-2018-16646
- https://www.cve.org/CVERecord?id=CVE-2018-19058
- https://www.cve.org/CVERecord?id=CVE-2018-19059
- https://www.cve.org/CVERecord?id=CVE-2018-19060
Topics Covered
Resolution
SRPMS
- 6/core/poppler-0.52.0-3.9.mga6
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 22 Nov 2018
URL: https://advisories.mageia.org/MGASA-2018-0465.html
Type: security
CVE: CVE-2018-16646,
CVE-2018-19058,
CVE-2018-19059,
CVE-2018-19060
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!