CVE-2024-29506

Name	CVE-2024-29506
Description	Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-5760-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
ghostscript (PTS)	jessie, jessie (lts)	9.26a~dfsg-0+deb8u12	fixed
	stretch (security)	9.26a~dfsg-0+deb9u9	fixed
	stretch (lts), stretch	9.26a~dfsg-0+deb9u12	fixed
	buster (security), buster, buster (lts)	9.27~dfsg-2+deb10u9	fixed
	bullseye (security), bullseye	9.53.3~dfsg-7+deb11u7	fixed
	bookworm	10.0.0~dfsg-11+deb12u4	vulnerable
	bookworm (security)	10.0.0~dfsg-11+deb12u5	fixed
	trixie, sid	10.03.1~dfsg-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
ghostscript	source	jessie	(not affected)
ghostscript	source	stretch	(not affected)
ghostscript	source	buster	(not affected)
ghostscript	source	bullseye	(not affected)
ghostscript	source	bookworm	10.0.0~dfsg-11+deb12u5	DSA-5760-1
ghostscript	source	(unstable)	10.03.0~dfsg-1

Notes

[bullseye] - ghostscript <not-affected> (Vulnerable code introduced later)
https://bugs.ghostscript.com/show_bug.cgi?id=707510
https://www.openwall.com/lists/oss-security/2024/07/03/7
Introduced with: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=316c3a08269212f1005709da64efcb383f8f5ce0 (ghostpdl-9.55.0rc1)
Fixed by: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=77dc7f699beba606937b7ea23b50cf5974fa64b1 (ghostpdl-10.03.0)
[buster] - ghostscript <not-affected> (Vulnerable code introduced later)
[stretch] - ghostscript <not-affected> (Vulnerable code introduced later)
[jessie] - ghostscript <not-affected> (Vulnerable code introduced later)