A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:4362 advisory.

    * ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c     (CVE-2020-27792)
      * ghostscript: dangling pointer in gdev_prn_open_printer_seekable() (CVE-2023-46751)
      * ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling (CVE-2024-46952)
      * ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space (CVE-2024-46951)
      * ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding (CVE-2024-46954)
      * ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript (CVE-2024-46953)
      * ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution     (CVE-2024-46956)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-4362 advisory.

    - RHEL-18396 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable()
    - RHEL-67046 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color     Space
    - RHEL-15067 CVE-2020-27792 ghostscript: heap buffer over write vulnerability in GhostScript's     lp8000_print_page() in gdevlp8k.c
    - RHEL-67051 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
    - RHEL-67051 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in     Ghostscript

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4362 advisory.

    The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript     translates PostScript code to common bitmap formats so that the code can be displayed or printed.

    Security Fix(es):

    * ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c     (CVE-2020-27792)

    * ghostscript: dangling pointer in gdev_prn_open_printer_seekable() (CVE-2023-46751)

    * ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling (CVE-2024-46952)

    * ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space (CVE-2024-46951)

    * ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding (CVE-2024-46954)

    * ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript (CVE-2024-46953)

    * ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution (CVE-2024-46956)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus relies on the presence of the package as reported by the vendor.

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of ghostscript installed on the remote host is prior to 8.70-24.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1725 advisory.

    A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1947 advisory.

    A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5643-1 advisory.

    It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system     were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause     GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue     only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27792)

    It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system     were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause     GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue     only affected Ubuntu 22.04 LTS. (CVE-2022-2085)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5618-1 advisory.

    It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a     user into opening a specially crafted PDF file, an attacker could cause the program to crash.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3096 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-3096-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                      Markus Koschany     September 04, 2022                            https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : ghostscript     Version        : 9.27~dfsg-2+deb10u6     CVE ID         : CVE-2020-27792

    A heap-based buffer over write vulnerability was found in GhostScript, the GPL     PostScript/PDF interpreter. An attacker could trick a user to open a crafted     PDF file, triggering the heap buffer overflow that could lead to memory     corruption or a denial of service.

    For Debian 10 buster, this problem has been fixed in version     9.27~dfsg-2+deb10u6.

    We recommend that you upgrade your ghostscript packages.

    For the detailed security status of ghostscript please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/ghostscript

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: This is a digitally signed message part

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
235148	AlmaLinux 8 : ghostscript (ALSA-2025:4362)	Nessus	Alma Linux Local Security Checks	high
235035	Oracle Linux 8 : ghostscript (ELSA-2025-4362)	Nessus	Oracle Linux Local Security Checks	high
235015	RHEL 8 : ghostscript (RHSA-2025:4362)	Nessus	Red Hat Local Security Checks	high
223572	Linux Distros Unpatched Vulnerability : CVE-2020-27792	Nessus	Misc.	high
178874	EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2023-2423)	Nessus	Huawei Local Security Checks	high
177074	EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2023-2144)	Nessus	Huawei Local Security Checks	high
173933	Amazon Linux AMI : ghostscript (ALAS-2023-1725)	Nessus	Amazon Linux Local Security Checks	high
171813	Amazon Linux 2 : ghostscript (ALAS-2023-1947)	Nessus	Amazon Linux Local Security Checks	high
165504	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Ghostscript vulnerabilities (USN-5643-1)	Nessus	Ubuntu Local Security Checks	high
165278	Ubuntu 16.04 ESM : Ghostscript vulnerability (USN-5618-1)	Nessus	Ubuntu Local Security Checks	high
164676	Debian dla-3096 : ghostscript - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2020-27792

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high