SB2018042205 - Multiple vulnerabilities in MuPDF

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2018-16647)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.

2) Input validation error (CVE-ID: CVE-2018-16648)

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (segmentation fault) via a crafted pdf file.

3) Infinite loop (CVE-ID: CVE-2018-10289)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.

Remediation

Install update from vendor's website.

References

• https://bugs.ghostscript.com/show_bug.cgi?id=699686
• https://lists.debian.org/debian-lts-announce/2020/07/msg00019.html
• https://bugs.ghostscript.com/show_bug.cgi?id=699685
• https://bugs.ghostscript.com/show_bug.cgi?id=699271