Unrated severityNVD Advisory· Published Aug 1, 2023· Updated Nov 20, 2025

Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name

CVE-2023-38560

Description

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.

Affected products

Red Hat/Enterprise Linuxcpe-rescue4 versions
cpe:/o:redhat:enterprise_linux:6+ 3 more
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
osv-coords8 versions
pkg:apk/chainguard/ghostscript pkg:apk/chainguard/ghostscript-dbg pkg:apk/chainguard/ghostscript-dev pkg:apk/chainguard/ghostscript-doc pkg:apk/wolfi/ghostscript pkg:apk/wolfi/ghostscript-dbg pkg:apk/wolfi/ghostscript-dev pkg:apk/wolfi/ghostscript-doc
< 10.02.0-r0+ 7 more
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0
- (no CPE)range: < 10.02.0-r0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/CVE-2023-38560mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
bugs.ghostscript.com/show_bug.cgimitre
git.ghostscript.commitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000