Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2020-27792

created 5 months, 3 weeks ago

Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

References

https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
RHSA-2025:4362 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
RHSA-2025:4362 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry
RHBZ#2247179 issue-tracking x_refsource_REDHAT
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7
RHSA-2025:4362 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2020-27792 x_refsource_REDHAT vdb-entry x_transferred
https://bugs.ghostscript.com/show_bug.cgi?id=701844 x_refsource_MISC x_transferred
RHBZ#2247179 issue-tracking x_refsource_REDHAT x_transferred
https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_refsource_MISC x_transferred
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f6bc662909ab79e8fbe9822afb36e8a0eafc2b7 x_transferred
[debian-lts-announce] 20220903 [SECURITY] [DLA 3096-1] ghostscript security update mailing-list x_refsource_MLIST x_transferred

Affected products

ghostscript

==9.27
*

Matching in nixpkgs

pkgs.ghostscriptX

PostScript interpreter (mainline version)

nixos-unstable -
- nixpkgs-unstable 10.05.1

pkgs.ghostscript_headless

PostScript interpreter (mainline version)

nixos-unstable -
- nixpkgs-unstable 10.05.1

pkgs.python312Packages.ghostscript

Interface to the Ghostscript C-API using ctypes

nixos-unstable -
- nixpkgs-unstable 0.7

pkgs.python313Packages.ghostscript

Interface to the Ghostscript C-API using ctypes

nixos-unstable -
- nixpkgs-unstable 0.7

pkgs.tests.texlive.dvipng.ghostscript

None

nixos-unstable -
- nixpkgs-unstable

pkgs.haskellPackages.ghostscript-parallel

Let Ghostscript render pages in parallel

nixos-unstable -
- nixpkgs-unstable 0.0.1

Package maintainers

@tobim Tobias Mayer <nix@tobim.fastmail.fm>
@flokli Florian Klink <flokli@flokli.de>