Bugzilla – Bug 1107410
VUL-0: CVE-2018-16509: ghostscript,ghostscript-library: /invalidaccess bypass after failed restore (699654)
Last modified: 2019-05-17 13:33:24 UTC
rh#1619748 An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. References: https://bugzilla.redhat.com/show_bug.cgi?id=1619748 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16509 http://seclists.org/oss-sec/2018/q3/142 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=78911a01b67d590b4a91afac2e8417360b934156 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5516c614dc33662a2afdc377159f70218e67bde5 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=79cccf641486a6595c43f1de1cd7ade696020a31 https://www.artifex.com/news/ghostscript-security-resolved/
Customer shared some references: https://www.kb.cert.org/vuls/id/332928 https://ghostscript.com/doc/9.24/History9.htm#Version9.24 https://bugs.chromium.org/p/project-zero/issues/detail?id=1640#c9 https://www.kb.cert.org/vuls/id/WDON-B3UK3T
SUSE-SU-2018:2975-1: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: SUSE OpenStack Cloud 7 (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Server 12-SP3 (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Server 12-LTSS (src): ghostscript-9.25-23.13.1 SUSE Linux Enterprise Desktop 12-SP3 (src): ghostscript-9.25-23.13.1 SUSE Enterprise Storage 4 (src): ghostscript-9.25-23.13.1
SUSE-SU-2018:2976-1: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: SUSE Linux Enterprise Module for Desktop Applications 15 (src): libspectre-0.2.8-3.2.1 SUSE Linux Enterprise Module for Basesystem 15 (src): ghostscript-9.25-3.6.1
openSUSE-SU-2018:3036-1: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: openSUSE Leap 42.3 (src): ghostscript-9.25-14.9.1, ghostscript-mini-9.25-14.9.1
openSUSE-SU-2018:3038-1: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: openSUSE Leap 15.0 (src): ghostscript-9.25-lp150.2.6.1, ghostscript-mini-9.25-lp150.2.6.1, libspectre-0.2.8-lp150.2.3.1
SUSE-SU-2018:2975-2: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: SUSE Linux Enterprise Server 12-SP2-BCL (src): ghostscript-9.25-23.13.1
SUSE-SU-2018:3330-1: An update that fixes 8 vulnerabilities is now available. Category: security (important) Bug References: 1050893,1106173,1107410,1107412,1107413,1107420,1107421,1107426 CVE References: CVE-2017-9611,CVE-2018-15910,CVE-2018-16509,CVE-2018-16511,CVE-2018-16513,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): ghostscript-library-8.62-32.47.13.1 SUSE Linux Enterprise Server 11-SP4 (src): ghostscript-library-8.62-32.47.13.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): ghostscript-library-8.62-32.47.13.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): ghostscript-library-8.62-32.47.13.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ghostscript-library-8.62-32.47.13.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): ghostscript-library-8.62-32.47.13.1
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2018-11-07. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/64172
SUSE-SU-2018:2975-3: An update that fixes 16 vulnerabilities is now available. Category: security (important) Bug References: 1106171,1106172,1106173,1106195,1107410,1107411,1107412,1107413,1107420,1107421,1107422,1107423,1107426,1107581,1108027,1109105 CVE References: CVE-2018-15908,CVE-2018-15909,CVE-2018-15910,CVE-2018-15911,CVE-2018-16509,CVE-2018-16510,CVE-2018-16511,CVE-2018-16513,CVE-2018-16539,CVE-2018-16540,CVE-2018-16541,CVE-2018-16542,CVE-2018-16543,CVE-2018-16585,CVE-2018-16802,CVE-2018-17183 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): ghostscript-9.25-23.13.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
all released