Wind River Support Network

HomeDefectsLIN7-4523

Fixed

LIN7-4523 : Security Advisory - ghostscript - CVE-2015-3228

Created: Aug 16, 2015 Updated: Sep 8, 2018

Resolved Date: Aug 24, 2015

Found In Version: 7.0.0.8

Fix Version: 7.0.0.9

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3228

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-3228