CVE-2020-27792

Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c

Severity Score

7.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

Se encontró una vulnerabilidad de escritura excesiva en el búfer en la región heap de la memoria en la función lp8000_print_page() de GhostScript en el archivo gdevlp8k.c. Un atacante podría engañar a un usuario para que abriera un archivo PDF diseñado, desencadenando el desbordamiento del búfer de la pila que podría conllevar la corrupción de la memoria o una denegación de servicio.

*Credits: N/A

CVSS Scores

NISTv3.1 7.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-10-27 CVE Reserved
2022-08-19 CVE Published
2023-12-19 First Exploit
2024-10-01 EPSS Updated
2024-11-25 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (6)

URL	Tag	Source
https://access.redhat.com/security/cve/CVE-2020-27792	Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2247179	Issue Tracking
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://lists.debian.org/debian-lts-announce/2022/09/msg00005.html	Mailing List

URL	Date	SRC
https://bugs.ghostscript.com/show_bug.cgi?id=701844	2023-12-19

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Artifex Search vendor "Artifex"		Ghostscript Search vendor "Artifex" for product "Ghostscript"				<= 9.50 Search vendor "Artifex" for product "Ghostscript" and version " <= 9.50"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0"		-		Affected