CVE-2020-15900
Description
A memory corruption vulnerability in Ghostscript 9.50 and 9.52 allows attackers to bypass file access controls via a crafted PostScript file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A memory corruption issue exists in Artifex Ghostscript versions 9.50 and 9.52. The flaw is in the handling of the non-standard PostScript operator rsearch, specifically in the calculation of the size of the "post" string it returns. The calculation yields a size that is too large, and the unsigned arithmetic can underflow and wrap to the maximum uint32_t value, leading to memory corruption. It is triggered by processing a specially crafted PostScript file [1][2].
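A constructed model of the post-size arithmetic described above, added here as an example; it is not Ghostscript's psi/zstring.c code and the function names are assumptions. It performs a reverse search like rsearch, then derives the post length once with raw uint32_t subtraction, which wraps when the match end lies past the string, and once with a bounds check that refuses instead.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of an rsearch-style split into post/match/pre, not the
 * Ghostscript implementation. It shows why the length of `post` must be
 * derived with a bounds check: raw uint32_t subtraction wraps to near
 * UINT32_MAX when the match end lies past the end of the string. */

/* Unchecked: size - end, silently wrapping when end > size. */
static uint32_t post_len_unchecked(uint32_t size, uint32_t end) {
    return size - end;
}

/* Checked: returns the post length, or -1 if pos + count would exceed size
 * (the comparison is written so that it cannot itself overflow). */
static long post_len_checked(uint32_t size, uint32_t pos, uint32_t count) {
    if (count > size || pos > size - count)
        return -1;
    return (long)(size - (pos + count));
}

/* Offset of the LAST occurrence of seek[0..count) in str[0..size), or -1. */
static long rsearch_pos(const char *str, uint32_t size,
                        const char *seek, uint32_t count) {
    if (count == 0 || count > size)
        return -1;
    for (uint32_t pos = size - count + 1; pos-- > 0; )
        if (memcmp(str + pos, seek, count) == 0)
            return (long)pos;
    return -1;
}

int main(void) {
    const char str[] = "abcabcabc";             /* constructed sample input */
    uint32_t size = (uint32_t)strlen(str);      /* 9 */
    long pos = rsearch_pos(str, size, "bc", 2); /* last "bc" starts at 7 */
    printf("match at %ld, pre=%ld, match=2, post=%ld\n",
           pos, pos, post_len_checked(size, (uint32_t)pos, 2)); /* post=0 */
    /* A match end of 11 on a 9-byte string wraps instead of failing: */
    printf("unchecked post=%u\n", post_len_unchecked(size, 11)); /* 4294967294 */
    printf("checked rc=%ld\n", post_len_checked(size, 9, 2));    /* -1 */
    return 0;
}
```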
Exploitation
An attacker can exploit this vulnerability by convincing a user or an automated system to process a malicious PostScript file. No authentication is required, and the attack vector is remote. The crafted file triggers the flawed rsearch operator, causing the memory corruption [1].
Impact
Successful exploitation could allow an attacker to bypass file access controls, potentially leading to arbitrary file access, execution of arbitrary code, or a denial of service (crash). The impact is limited by the privileges of the process running Ghostscript [1][2].
Mitigation
The issue was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b. Ubuntu released updated packages in USN-4445-1 on 3 August 2020 [1]. Gentoo provided an update in GLSA 202008-20, recommending upgrade to >=app-text/ghostscript-gpl-9.52 [2]. No workaround is available; users should apply the patch or update to the fixed version.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Artifex/Ghostscript
  - Range: = 9.50, 9.52
- OSV coordinates (29 distribution packages, no CPE; fixed-version ranges):
  - pkg:rpm/opensuse/ghostscript (openSUSE Leap 15.1): < 9.52-lp151.3.15.1
  - pkg:rpm/opensuse/ghostscript (openSUSE Leap 15.2): < 9.52-lp152.2.4.1
  - pkg:rpm/opensuse/ghostscript (openSUSE Tumbleweed): < 9.54.0-2.2
  - pkg:rpm/opensuse/ghostscript-mini (openSUSE Leap 15.1): < 9.52-lp151.3.15.1
  - pkg:rpm/opensuse/ghostscript-mini (openSUSE Leap 15.2): < 9.52-lp152.2.4.1
  - pkg:rpm/suse/ghostscript (HPE Helion OpenStack 8): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Enterprise Storage 5): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise High Performance Computing 15-ESPOS): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise High Performance Computing 15-LTSS): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Module for Basesystem 15 SP1): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Module for Basesystem 15 SP2): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP2-BCL): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP2-LTSS): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP3-BCL): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP3-LTSS): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP4-LTSS): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 12 SP5): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server 15-LTSS): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server for SAP Applications 12 SP2): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server for SAP Applications 12 SP3): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server for SAP Applications 12 SP4): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server for SAP Applications 12 SP5): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Server for SAP Applications 15): < 9.52-3.32.1
  - pkg:rpm/suse/ghostscript (SUSE Linux Enterprise Software Development Kit 12 SP5): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE OpenStack Cloud 7): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE OpenStack Cloud 8): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE OpenStack Cloud 9): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE OpenStack Cloud Crowbar 8): < 9.52-23.39.1
  - pkg:rpm/suse/ghostscript (SUSE OpenStack Cloud Crowbar 9): < 9.52-23.39.1
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00004.html (MITRE; vendor advisory, x_refsource_SUSE)
- lists.opensuse.org/opensuse-security-announce/2020-08/msg00006.html (MITRE; vendor advisory, x_refsource_SUSE)
- security.gentoo.org/glsa/202008-20 (MITRE; vendor advisory, x_refsource_GENTOO)
- usn.ubuntu.com/4445-1/ (MITRE; vendor advisory, x_refsource_UBUNTU)
- artifex.com/security-advisories/CVE-2020-15900 (MITRE; x_refsource_CONFIRM)
- git.ghostscript.com (MITRE; x_refsource_MISC)
- github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b (MITRE; x_refsource_MISC)
- github.com/ArtifexSoftware/ghostpdl/commits/master/psi/zstring.c (MITRE; x_refsource_MISC)
News mentions
No linked articles in our index yet.