Unrated severityNVD Advisory· Published Aug 19, 2022· Updated Nov 20, 2025

Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c

CVE-2020-27792

Description

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.

Affected products

Red Hat/Enterprise Linuxcpe-rescue4 versions
cpe:/a:redhat:enterprise_linux:8::appstream+ 3 more
- cpe:/a:redhat:enterprise_linux:8::appstreamrange: 0:9.27-16.el8_10
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:9
osv-coords8 versions
pkg:rpm/almalinux/ghostscript pkg:rpm/almalinux/ghostscript-doc pkg:rpm/almalinux/ghostscript-tools-dvipdf pkg:rpm/almalinux/ghostscript-tools-fonts pkg:rpm/almalinux/ghostscript-tools-printing pkg:rpm/almalinux/ghostscript-x11 pkg:rpm/almalinux/libgs pkg:rpm/almalinux/libgs-devel
< 9.27-16.el8_10+ 7 more
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10
- (no CPE)range: < 9.27-16.el8_10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2025:4362mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2020-27792mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
git.ghostscript.commitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000