Detections
Analytics
Alibaba Cloud Linux 3 : 0141: ghostscript (ALINUX3-SA-2023:0141)
critical Nessus Plugin ID 236281
Synopsis
The remote Alibaba Cloud Linux host is missing one or more security updates.Description
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0141 advisory.Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2023-28879:
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
CVE-2023-38559:
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
CVE-2023-4042:
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
CVE-2023-43115:
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20230141.xml
Plugin Details
Severity: Critical
ID: 236281
File Name: alinux3_sa_2023-0141.nasl
Version: 1.1
Type: local
Published: 5/14/2025
Updated: 5/14/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-43115
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2023-28879
Vulnerability Information
CPE: cpe:/o:alibabacloud:alibaba_cloud_linux_3, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-tools-dvipdf, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-x11, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-x11-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libgs-devel, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-doc, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-tools-printing, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-gtk, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-tools-fonts, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libgs, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libgs-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ghostscript-gtk-debuginfo
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Alibaba/release, Host/Alibaba/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/13/2023
Vulnerability Publication Date: 3/31/2023
Reference Information
CVE: CVE-2023-28879, CVE-2023-38559, CVE-2023-4042, CVE-2023-43115