CVE-2023-38559

Summary

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 80:9.27-11.el8 < *unaffected
Red HatRed Hat Enterprise Linux 90:9.54.0-13.el9 < *unaffected

Weaknesses

  • CWE-125: Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References