| Name | CVE-2018-16802 |
| Description | An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-1504-1, DSA-4294-1 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| ghostscript (PTS) | bullseye | 9.53.3~dfsg-7+deb11u7 | fixed |
| bullseye (security) | 9.53.3~dfsg-7+deb11u11 | fixed | |
| bookworm | 10.0.0~dfsg-11+deb12u7 | fixed | |
| bookworm (security) | 10.0.0~dfsg-11+deb12u8 | fixed | |
| trixie | 10.05.1~dfsg-1 | fixed | |
| trixie (security) | 10.05.1~dfsg-1+deb13u1 | fixed | |
| forky | 10.05.1~dfsg-3 | fixed | |
| sid | 10.06.0~dfsg-3 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| ghostscript | source | experimental | 9.25~dfsg-1~exp1 | |||
| ghostscript | source | jessie | 9.06~dfsg-2+deb8u8 | DLA-1504-1 | ||
| ghostscript | source | stretch | 9.20~dfsg-3.2+deb9u5 | DSA-4294-1 | ||
| ghostscript | source | (unstable) | 9.25~dfsg-1 |
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b72e3965b7968bb1d96baa137cd063ac6
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24dbd002fb9c131313253c307cf3951b3d47
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5812b1b78fc4d36fdc293b7859de69241140d590