Wind River Support Network

HomeDefectsLIN10-10463
Fixed

LIN10-10463 : Security Advisory - ghostscript - CVE-2020-27792

Created: Aug 20, 2022    Updated: Nov 22, 2022
Resolved Date: Oct 29, 2022
Found In Version: 10.17.41.1
Fix Version: 10.17.41.27
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

CREATE(Triage):(User=admin) CVE-2020-27792 (https://nvd.nist.gov/vuln/detail/CVE-2020-27792)

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube