Bug 1134156 - (CVE-2019-3839) VUL-0: CVE-2019-3839: ghostscript,ghostscript-library: missing attack vector protections for CVE-2019-6116
(CVE-2019-3839)
VUL-0: CVE-2019-3839: ghostscript,ghostscript-library: missing attack vector ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Dr. Werner Fink
Security Team bot
https://smash.suse.de/issue/231936/
CVSSv3:SUSE:CVE-2019-3839:7.3:(AV:N/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-05-06 07:43 UTC by Alexandros Toptsoglou
Modified: 2020-06-10 03:53 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2019-05-06 07:43:35 UTC
CVE-2019-3839

It was found that some additional operators and dictionaries were needed to be hidden in order to prevent other CVE-2019-6116 attacks.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1673304
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3839
Comment 1 Alexandros Toptsoglou 2019-05-06 07:46:00 UTC
[1] and [2] are needed in addition to the fix of CVE-2019-6116 so that the issue to be solved. 

All codestreams seem affected.

[1] http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4ec9ca7
[2] http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=db24f25
Comment 2 Johannes Meixner 2019-05-06 08:11:04 UTC
[1] and [2] in comment#1 are in Ghostscript 9.27
so that this issue is fixed in Ghostscript 9.27
which I submitted right now to openSUSE:Factory, see
https://bugzilla.suse.com/show_bug.cgi?id=1131863#c4
but currently Ghostscript 9.27 cannot be in openSUSE Leap 15.0/15.1, see
https://bugzilla.suse.com/show_bug.cgi?id=1131863#c1
Comment 4 Dr. Werner Fink 2019-09-16 11:37:18 UTC
Part of gs 9.27
Comment 5 Swamp Workflow Management 2019-09-25 13:12:18 UTC
SUSE-SU-2019:2460-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1129180,1129186,1134156,1140359,1146882,1146884
CVE References: CVE-2019-12973,CVE-2019-14811,CVE-2019-14812,CVE-2019-14813,CVE-2019-14817,CVE-2019-3835,CVE-2019-3839
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    ghostscript-mini-9.27-3.21.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    ghostscript-mini-9.27-3.21.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    ghostscript-9.27-3.21.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    ghostscript-9.27-3.21.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2019-09-26 16:17:41 UTC
SUSE-SU-2019:2478-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1129180,1131863,1134156,1140359,1146882,1146884
CVE References: CVE-2019-12973,CVE-2019-14811,CVE-2019-14812,CVE-2019-14813,CVE-2019-14817,CVE-2019-3835,CVE-2019-3839
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ghostscript-9.27-23.28.1
SUSE OpenStack Cloud 8 (src):    ghostscript-9.27-23.28.1
SUSE OpenStack Cloud 7 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP5 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP4 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Desktop 12-SP5 (src):    ghostscript-9.27-23.28.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    ghostscript-9.27-23.28.1
SUSE Enterprise Storage 5 (src):    ghostscript-9.27-23.28.1
SUSE Enterprise Storage 4 (src):    ghostscript-9.27-23.28.1
HPE Helion Openstack 8 (src):    ghostscript-9.27-23.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2019-09-30 19:15:25 UTC
openSUSE-SU-2019:2223-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1129180,1129186,1134156,1140359,1146882,1146884
CVE References: CVE-2019-12973,CVE-2019-14811,CVE-2019-14812,CVE-2019-14813,CVE-2019-14817,CVE-2019-3835,CVE-2019-3839
Sources used:
openSUSE Leap 15.1 (src):    ghostscript-9.27-lp151.3.6.1, ghostscript-mini-9.27-lp151.3.6.1
Comment 8 Swamp Workflow Management 2019-09-30 19:19:14 UTC
openSUSE-SU-2019:2222-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 1129180,1129186,1134156,1140359,1146882,1146884
CVE References: CVE-2019-12973,CVE-2019-14811,CVE-2019-14812,CVE-2019-14813,CVE-2019-14817,CVE-2019-3835,CVE-2019-3839
Sources used:
openSUSE Leap 15.0 (src):    ghostscript-9.27-lp150.2.23.1, ghostscript-mini-9.27-lp150.2.23.1
Comment 9 Marcus Meissner 2020-01-28 07:31:44 UTC
released