DescriptionPDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue is available in version 1.1.1.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1034155

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ippsample (PTS)sid, bookworm0.0~git20220607.72f89b3-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


[bookworm] - ippsample <no-dsa> (Minor issue) (v1.1.1)

Search for package or bug name: Reporting problems