A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the     gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering     the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of ghostscript installed on the remote host is prior to 8.70-24.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1725 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1947 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5643-1 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

  - A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a     large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined     for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64,     mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse     a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw,     causing an application to crash. (CVE-2022-2085)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5618-1 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3096 advisory.

  - A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in     gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer     overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
178874	EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2023-2423)	Nessus	Huawei Local Security Checks	high
177074	EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2023-2144)	Nessus	Huawei Local Security Checks	high
173933	Amazon Linux AMI : ghostscript (ALAS-2023-1725)	Nessus	Amazon Linux Local Security Checks	high
171813	Amazon Linux 2 : ghostscript (ALAS-2023-1947)	Nessus	Amazon Linux Local Security Checks	high
165504	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Ghostscript vulnerabilities (USN-5643-1)	Nessus	Ubuntu Local Security Checks	high
165278	Ubuntu 16.04 ESM : Ghostscript vulnerability (USN-5618-1)	Nessus	Ubuntu Local Security Checks	high
164676	Debian DLA-3096-1 : ghostscript - LTS security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2020-27792

high

Tenable Plugins

high

high

high

high

high

high

high