Mageia 9: MGASA-2024-0353 Critical: htmldoc Buffer Overflow
mageia
November 9, 2024
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node
Summary
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in
ps-pdf.cxx because of an attempt to strip leading whitespace from a
whitespace-only node. (CVE-2024-45508)
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre
function,ps-pdf.cxx:5681. (CVE-2024-46478)
References
- https://bugs.mageia.org/show_bug.cgi?id=33737
-
- https://www.cve.org/CVERecord?id=CVE-2024-45508
- https://www.cve.org/CVERecord?id=CVE-2024-46478
Resolution
SRPMS
- 9/core/htmldoc-1.9.15-3.1.mga9
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 09 Nov 2024
URL: https://advisories.mageia.org/MGASA-2024-0353.html
Type: security
CVE: CVE-2024-45508,
CVE-2024-46478
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!