An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2018-16802 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue affects the versions of ghostscript as shipped with Red Hat Enterprise Linux 7. This issue did not affect the versions of ghostscript as shipped with Red Hat Enterprise Linux 5 and 6.
| CVSS3 Base Score | 7.3 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | Low |
| Availability Impact | Low |
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 7 (ghostscript) | RHSA-2018:3834 | 2018-12-17 |
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | ghostscript | Not affected |
| Red Hat Enterprise Linux 5 | ghostscript | Not affected |
Please refer to the "Mitigation" section of CVE-2018-16509 : https://access.redhat.com/security/cve/cve-2018-16509
Vulmon