Ghostscript Update Patches Six Critical Vulnerabilities: Code Execution, Buffer Overflow, and Path Traversal Risks

Popular document rendering engine Ghostscript has released a critical security update addressing multiple vulnerabilities, some of which could lead to remote code execution.

Ghostscript, a widely used interpreter for PostScript and PDF files, has patched a series of security flaws in its latest release, version 10.04.0. The vulnerabilities stem from various coding errors within Ghostscript’s handling of different file formats and data structures. These errors can be exploited by malicious actors crafting specially designed PostScript or PDF files, which, when processed by a vulnerable version of Ghostscript, could trigger the flaws and allow for code execution or information disclosure.

Among the most serious vulnerabilities are:

• CVE-2024-46951, CVE-2024-46952, CVE-2024-46953, and CVE-2024-46956: These flaws could allow an attacker to execute arbitrary code by exploiting issues related to unchecked pointers, buffer overflows, and out-of-bounds data access. These vulnerabilities exist in various components of Ghostscript, including the PostScript interpreter and PDF handling modules.

• CVE-2024-46954: This vulnerability involves overlong UTF-8 encoding and could be exploited to achieve directory traversal, potentially granting attackers access to sensitive files.

• CVE-2024-46955: This flaw, while less severe, could lead to an out-of-bounds read, potentially revealing sensitive information.

Given Ghostscript’s role in processing PDF and PostScript files across various applications, these vulnerabilities underscore the critical need for secure document handling, particularly in environments that process external or user-submitted files. The risks associated with arbitrary code execution, path traversal, and buffer overflow vulnerabilities make Ghostscript an attractive target for malicious actors seeking to leverage document-processing vulnerabilities to breach systems.

Users of Ghostscript are strongly urged to update to version 10.04.0 or later to mitigate the risk of exploitation.

Related Posts:

• Researcher Releases PoC for Critical RCE Ghostscript (CVE-2023-36664) Vulnerability
• Malware Hiding in PDFs: What You Need to Know
• Critical Ghostscript Vulnerability Exposes Systems: Immediate Update Recommended
• Palo Alto Networks Investigates Potential Remote Code Execution Vulnerability in PAN-OS
• Frag Ransomware: A New Threat Exploits Veeam Vulnerability (CVE-2024-40711)