VDB
WID-SEC-W-2024-1444
WID-SEC-W-2024-1444
PUBLISHED
Ghostscript ist ein kostenloser Interpreter der Seitenbeschreibungssprachen PostScript und Portable Document Format (PDF).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora Linux | ||
| Ubuntu Linux | ||
| Amazon Linux 2 | ||
| Dell NetWorker | ||
| Debian Linux | ||
| Red Hat Enterprise Linux | ||
| Open Source Ghostscript <10.03.1 | ||
| SUSE Linux | ||
| Open Source Ghostscript 10.03.1 | ||
| Oracle Linux | ||
| EMC Avamar | ||
| Xerox FreeFlow Print Server v9 for Solaris | ||
| Gentoo Linux |
Exploit Intelligence
- A WordPress demo lab for CVE-2024-2961 & CVE-2024-29510 (github-poc-repo)
- POC code for CVE-2024-29510 and demo VulnApp (github-poc)
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ (circl)
- https://security.gentoo.org/glsa/202409-03 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=2293959 (circl)
- https://access.redhat.com/security/cve/CVE-2024-29510 (circl)
- https://access.redhat.com/security/cve/CVE-2024-33869 (circl)
- https://access.redhat.com/security/cve/CVE-2024-33870 (circl)
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f433c5c4da (circl)
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c45c747f02 (circl)
…and 17 more exploits
Timeline
- Jun 24, 2024 CVE Published
- Jan 12, 2025 CVE Updated
- Mar 31, 2026 Distribution Patch
- Mar 31, 2026 Distribution Patch
- Mar 31, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1444.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1444 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2293950 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2293958 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2293959 url
- https://access.redhat.com/security/cve/CVE-2024-29510 url
- https://access.redhat.com/security/cve/CVE-2024-33869 url
- https://access.redhat.com/security/cve/CVE-2024-33870 url
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f433c5c4da url
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c45c747f02 url
- https://lists.suse.com/pipermail/sle-security-updates/2024-July/018850.html url
- https://lists.suse.com/pipermail/sle-security-updates/2024-July/018860.html url
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ url
- https://ubuntu.com/security/notices/USN-6835-1 url
- https://lists.debian.org/debian-security-announce/2024/msg00102.html url
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-52192927d8 url
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-053b8330a1 url
- https://alas.aws.amazon.com/AL2/ALAS-2024-2597.html url
- https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities url
- https://alas.aws.amazon.com/AL2/ALAS-2024-2612.html url
…and 5 more