CVE-2018-16539

Name: CVE-2018-16539
Description: In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-1504-1, DSA-4288-1
Debian Bugs: 907332

Vulnerable and fixed packages

The table below lists information on source packages.

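| Source Package | Release | Version | Status |
|---|---|---|---|
| ghostscript (PTS) | stretch | 9.26a~dfsg-0+deb9u6 | fixed |
| ghostscript | stretch (security) | 9.26a~dfsg-0+deb9u9 | fixed |
| ghostscript | buster, buster (security) | 9.27~dfsg-2+deb10u5 | fixed |
| ghostscript | bullseye (security), bullseye | 9.53.3~dfsg-7+deb11u2 | fixed |
| ghostscript | bookworm, sid | 9.56.1~dfsg-1 | fixed |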

The information below is based on the following data on fixed versions.

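| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| ghostscript | source | jessie | 9.06~dfsg-2+deb8u8 | | DLA-1504-1 | |
| ghostscript | source | stretch | 9.20~dfsg-3.2+deb9u4 | | DSA-4288-1 | |
| ghostscript | source | (unstable) | 9.22~dfsg-3 | | | 907332 |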

Notes

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
https://bugs.ghostscript.com/show_bug.cgi?id=699658
To avoid breaking CUPS (https://github.com/apple/cups/issues/5392), an additional (non-security) follow-up fix is needed:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=150c8f69646b854a99f35f27edaae012eb2e900f
Cf. https://bugs.debian.org/908300
