Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 24.10, 24.04 LTS: USN-7473-1 moderate: Ghostscript Denial of Service

ubuntu
Calendar Grey May 1, 2025
Dist Ubuntu Esm H88
Security vulnerability in Ghostscript on Ubuntu could result in system instability or unauthorized file access from maliciously designed files. Update advised.
Ghostscript could be made to crash, run programs, or read files if it opened a specially crafted file.

Summary

Ghostscript could be made to crash, run programs, or read files if it

opened a specially crafted file.

Software Description:

- ghostscript: PostScript and PDF interpreter

Details:

It was discovered that Ghostscript incorrectly handled parsing certain PS

files. An attacker could use this issue to cause Ghostscript to crash,

resulting in a denial of service, or possibly bypass file path validation.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   ghostscript                     10.03.1~dfsg1-0ubuntu2.3
   libgs10                         10.03.1~dfsg1-0ubuntu2.3

Ubuntu 24.04 LTS
   ghostscript                     10.02.1~dfsg1-0ubuntu7.6
   libgs10                         10.02.1~dfsg1-0ubuntu7.6

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7473-1

CVE-2025-46646

Ubuntu Security Notice USN-7473-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here