Medium severity6.5NVD Advisory· Published Jun 2, 2017· Updated Jun 17, 2026
CVE-2017-9406
CVE-2017-9406
Description
In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21- osv-coords18 versionspkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 0.24.4-14.3.1+ 17 more
- (no CPE)range: < 0.24.4-14.3.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.24.4-14.3.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.24.4-14.3.1
- (no CPE)range: < 0.24.4-14.3.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
- (no CPE)range: < 0.43.0-16.5.1
Patches
Vulnerability mechanics
References
3- bugs.freedesktop.org/show_bug.cginvdIssue TrackingVendor Advisory
- security.gentoo.org/glsa/201801-17nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4079nvdThird Party Advisory
News mentions
0No linked articles in our index yet.