Bugzilla – Bug 1214723
VUL-0: CVE-2022-48545: poppler: infinite recursion in Catalog:findDestInTree
Last modified: 2024-05-29 12:15:08 UTC
CVE-2022-48545 An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48545 https://www.cve.org/CVERecord?id=CVE-2022-48545 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092
https://forum.xpdfreader.com/viewtopic.php?p=43250&sid=b56148777024a4c01b618ade7be52e8d#p43250 "This is a known issue -- loops in the PDF object structure can cause problems for Xpdf. Xpdf 4 catches some of these cases, but not all of them. I'm working on a more robust loop detector for Xpdf 5."
No upstream fix available. The reproducer does not trigger any direct issue.
BEFORE 15sp4,15sp2,15/poppler: :/214723 # pdftohtml poc.txt /dev/null Syntax Error: loop in NameTree (numObj: 4) <<<<< Syntax Error: failed to look up (wl0) Syntax Warning: Bad named destination value Page-1 :/214723 # 12sp2,12/poppler :/214723 # pdftohtml poc.txt /dev/null Segmentation fault (core dumped) :/214723 # PATCH xpdf bug, patch not available (see comment 1) Considering affected: 12sp2,12/poppler AFTER 12sp2,12/poppler :/214723 # pdftohtml poc.txt /dev/null Syntax Error: loop in NameTree (numObj: 4) Syntax Error: failed to look up (wl0) Page-1 :/214723 #
Will submit for 12sp2,12/poppler.
Packages submitted. I believe all fixed.
SUSE-SU-2023:4362-1: An update that solves nine vulnerabilities can now be installed. Category: security (moderate) Bug References: 1112424, 1112428, 1128114, 1129202, 1140745, 1143570, 1214256, 1214723, 1214726 CVE References: CVE-2018-18454, CVE-2018-18456, CVE-2019-13287, CVE-2019-14292, CVE-2019-9545, CVE-2019-9631, CVE-2020-36023, CVE-2022-37052, CVE-2022-48545 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): poppler-qt-0.43.0-16.40.1, poppler-0.43.0-16.40.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): poppler-qt-0.43.0-16.40.1, poppler-0.43.0-16.40.1 SUSE Linux Enterprise Server 12 SP5 (src): poppler-qt-0.43.0-16.40.1, poppler-0.43.0-16.40.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): poppler-qt-0.43.0-16.40.1, poppler-0.43.0-16.40.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4546-1: An update that solves six vulnerabilities can now be installed. Category: security (moderate) Bug References: 1128114, 1129202, 1143570, 1214256, 1214723, 1214726 CVE References: CVE-2019-14292, CVE-2019-9545, CVE-2019-9631, CVE-2020-36023, CVE-2022-37052, CVE-2022-48545 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): poppler-0.24.4-14.41.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done, closing